last executing test programs:

5.994932242s ago: executing program 2:
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[], 0x0)

5.398298009s ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x8a, &(0x7f0000000500)={@local, @multicast, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "dd69bf", 0x54, 0x2b, 0x0, @local, @local, {[@dstopts={0x3c, 0x0, '\x00', [@jumbo]}], {{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8100}}}}}}}, 0x0)

5.346586828s ago: executing program 2:
socket$inet6_tcp(0xa, 0x1, 0x0)
request_key(0x0, 0x0, 0x0, 0xfffffffffffffffc)
socket$inet6(0xa, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000006c0), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r3, 0x0, 0x8008000000010, &(0x7f0000000000)="170000000200010000ffbe8c5ee17688a20033000202000aff3f000057fce46d0a00d65ad90200bb6a880000d6c8db0000dba67e06020000e28900000a00df01800a000000fc0607bdff59100ac45761547ae81f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dfc060115003901000000000000ea000000000000000062068f5ee50ce5af9b1c568311ffff02ff030000ba000840024f0298e9e90539062a80e605007f71174aa951f3c63e5a1b47b6", 0xb8)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="9b43a409aa81", @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @broadcast}, @echo_reply={0xe0}}}}}, 0x0)

5.313699213s ago: executing program 2:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x248, &(0x7f0000000980)={[{@test_dummy_encryption}, {@resgid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {@max_batch_time={'max_batch_time', 0x3d, 0x8}}, {@mblk_io_submit}, {@usrjquota}, {@nodelalloc}, {@errors_remount}, {@data_journal}]}, 0xfd, 0x4a1, &(0x7f00000004c0)="$eJzs3M1rHOUfAPDvzG7SX1+TX60vrdVGq1h8SZq0akGhKggeFAQ91JPEJC21aSNNBFuKjVLqRdCCdxG8CP4FPXkS9SR41bsUivTS6mllsrPrJtndbLPJbl4+H5juPJln9vl+d2Z2nplnpwFsWgPZP0nEjoj4PSL6IiJdWGFr+eXOrUtjf9+6NJZEqfTWX0m2Wty+dWmsUjXJX7eXC8XsjdIrSbxUp93pCxfPjE5OTpzPy0MzZz8Ymr5w8ZnTZ0dPTZyaODdy7NjRI8PPPzfy7IrkmcV0e9/HU/v3vvbOtTfGTlx77+fvk5qga/No0wt91dnrg0mDSo+vUGNrxc6a+aTYuF5pSyeioVXZ5sg2V8/c8d8XhSu7qsv64tVPuxocsKpKpVJppPHi2RKwgSXR7QiA7qic6LPr38rUoa7HmnDz5fIFUJb3nXwqLymW74NsKV8b7Vyl9gci4sTsP19nU9z1fYieVYoKANjIfsj6P0/X6/+lcV9NvV352FB/RPw/InZHxD0RsSci7o2Yq3t/RDxQv5mBdxu0P7CgvLj/k95YfnZLy/p/L+ZjW/P7f9VRsP5CXto5l39PcvL05MTh/DM5FD1bsvJw3XdPImaz19++aNR+bf8vm7L2K33BPI4bxePz1xkfnRltO/HczU8i9hXr5Z9E8b8sYm9E7FtmG6ef/G7//L8UqnNL599Ek3GmVpW+iXiivP1nY0H+FUnz8cmh/8XkxOGhyl6x2C+/Xn2zUfvl/NNonv/W9hNtINv+2+rt/8er+fcnteO104veonepNq7+8VnDa5qW9v8FY4bZ/t+bvD2v8Y9GZ2bOD0f0Jq8v/nvNDe5KuVI/y//QwfrH/+58nSz/ByMi24kfioiHI+JAHvsjEfFoRBxskv9Przz2fsP8D7Sx/6+ALP/xut9/jbb/3c8Uzvx4vVH7rW3/o5XCXFCtfP+1GmA7nx0AAACsF2lE7IgkHazOp+ngYPn38ntiWzo5NT3z1MmpD8+Nl58R6I+etHKnq6/mfuhwfm+4Uh7Jy5fz8pH8vvFXha1z5cGxqcnxbicPm9z2Bsd/5s9Ct6MDVt0KjKMB69TSx3/akTiAzlv++V/PAda7JY5iJ3/YwJzFYfOqd/xfri0kUf6VPLDhOP/D5lU9/r9soXLN414LH94E1p9m5/9SXwcDATpO/x82pXae618TM/FtRPM6yVoJ9a5mPm9n9eLiRWmscISRdvHz6e3KRhkpRHRxlyi2+r9axIXS5bYb7fY3EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMr4NwAA//85MuVZ")
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.sched_load_balance\x00', 0x2, 0x0)
write$cgroup_int(r1, &(0x7f00000000c0), 0x12)

5.131812693s ago: executing program 2:
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1fd2, 0x6007, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000a00)={0x24, 0x0, 0x0, &(0x7f0000000940)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x0, "2c98d613"}]}}, 0x0}, 0x0)

3.957620674s ago: executing program 0:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe2$9p(0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000001000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
setreuid(0x0, 0x0)

3.875263148s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='ext4_ext_remove_space\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='ext4_ext_remove_space\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)

3.853292871s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x120, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xeb, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x9c, 0x0, @wg=@response={0x2, 0x0, 0x0, "82d18160f7d8dda36479a6b179161b4bbff2d0508977b3928ebd2dee05607d17", "0194bd7b1b0303c5ba7f602606a285b3", {"30da2d58da817f8a5f77a23de36a2164", "3b33cfa231a427159c7b9f0eceb155f0"}}}}}}}, 0x0)
recvfrom(r3, 0x0, 0x0, 0x0, 0x0, 0x0)

3.589457344s ago: executing program 4:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000047000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000580)='ext4_mb_release_inode_pa\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='ext4_mb_release_inode_pa\x00', r2}, 0x10)
write$cgroup_subtree(r0, 0x0, 0x32600)

3.575372936s ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298900000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24490a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1fcff7a1ef3282837771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969cc1595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d400000000000004011c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0890700eef552fcde2981f48c482bde8a168c3f5db2eaa6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000100000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed90868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c83ae45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422636f949e2ab8f162d7e3f855e378f4a1f40bc96fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df775e411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8605000000000000003fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373eaea36546791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf00000000f3ffffffffffff12a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca0000000000000000000090044ed83fec890f693d54e1c0adf7b3fe6cfcf3b9873cecd116826f1be38a8d61d866516197c199d5a3721a378de95d5c25b3887a271db57518e630dd132a518a3b2490b3a9ac177d286502aa73eb67275de3523ce65e50b67a3820faaab5e7b22850c8265b44085a0d2d3c734712591007e15d7f0b2cd7eb796e8f4318d2eb8343c5176056000000000000000000000007444a9a2b71016c9cf336078fa3fcfbdf4dcfc2f5acc09ad13dda373957ab7ed731565049f1d18bcba118079dc5307fa972f19cdf463cbf159985aeb0d92fceb4d62956f6de3f2a416a74"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff7e}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
ioctl$FS_IOC_RESVSP(r1, 0x40305829, &(0x7f0000000300)={0x1100, 0x0, 0x0, 0x10000})
ioctl$FIBMAP(r1, 0x1, &(0x7f0000000080))

3.299605271s ago: executing program 4:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
fgetxattr(r3, &(0x7f0000000180)=@known='system.sockprotoname\x00', 0x0, 0x0)

3.236718842s ago: executing program 4:
r0 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x3, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r1, &(0x7f00000002c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)

3.227806703s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r2, 0x400, 0x0)
open(&(0x7f0000000940)='./file1\x00', 0x300, 0x0)

3.219490635s ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143}, 0x80)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r2}, 0x10)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000ac0)=@newqdisc={0x50, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x20, 0x2, {{}, [@TCA_NETEM_DELAY_DIST={0x4, 0xd}]}}}]}, 0x50}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r7, &(0x7f00000021c0)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_INIT(r7, &(0x7f0000004200)={0x50, 0x0, r8, {0x7, 0x1f, 0x0, 0xeea390}}, 0x50)
syz_fuse_handle_req(r7, &(0x7f00000066c0)="a062030607792c01386f28a428828947de99f79cc542703d923c7cb9d4e1f6fd95fbf2f747ab32f6fb041861fb3f87a88cb85405b4e73c0b6b12c81e42a9f13d82c32b7ddb172bcba1aac5c38f083747ac179f08d4d6d342a87ba8dd9bb7a9680f27433c3357b4f6ac97b19a973592f1ac6e7853a0b15ba42a28efb9cc30b146346b546018966e94976ca28f26a1950dd64c0adbb0c2e09bbd9caa9e7886a2b3d6e2b6d6616b718f1322ea2881ca59ef73948b1bcdc2dd3970e63cbc1043ce42af0ea1f95d17268cbc3ef062c8c31a537e94a20c1c505a6022d5ece7f51bd9c754d8c47cbe80bbb30b2159991a94dd3a25e64aff8a7a17374b5a71e0c7c241cbfd7f084e18a50bea512ada902210a3881ffcd42071ab09c4d80139d8980d6dc5d12c2595ced445caf22f80d8fb1a4c243da47fadb8e28e9c04fea820a8a2f032f5adff8b7d9269e63db68d196bf7f416405e52b6b8abd8bb9d9694b8b5eddae348209963738cd9710bd6c291af1c8eaf0e52d2f2f24bef8c8bc9f77eed40104e07c8ee1b4cb358fc73e2653fef6232b5e9f5d0be26b91a0b7967ed5e3bf10c449424ff4d11951d963677001d9576425d6a9c4503268a407d74854f5e1caacc0ccc463dc56e684db1d80b370da238915579ab82cdbd7d155adf10b96ed71100ea92834e8a4e4f5b7b831bff6fb4febe01bb398ea4065446f277f107aa3cc06e0b7a6e98434bf57744ba9ecb8effe704d7f852e16bc33ac113649f7540b7a7a67cf5493b400ce06e571d485af1732938b79ded4de7dad97a7e1c0be7bd479dc264647bb76503168423e3f6fc95f8ac8ea35e39f476ab54e88286fcf73eead1f794784465592fe4ad112ac63bbc3b3f35b87c40bc5fa6e3ca6cad878f9772a61a23aa00491a9e2442eb90a32af2bd74e99d075bcda20288bfc30f3b00a7e8e1a0b4791573abd65284bbb53e2b7d667239b95b332dd423e4d7c512de559bd53fde5285add9795bda81ec142620e693af9c787a4499dd76ca0d77d9c7c4043e537ec6c1cd0b9a642b12adc782a0e00f6c1ed7379d5fff4c2feb19182db977f657b195e4710ff00f78e35a146119897495b0e1a0068a6606292ee72bf65adcd2cd29b4e59a4b3f82eac77d5254013d03d2fb2511975558906741912d09304f0d4cf08c8f62690c67968c869f75a4025224d8e84baf7a42e01b4ecf7e55d7c45839778c2266880d1bb73e3aad618d1a4f8d5a16914d64d70438a88512649fd4caa90506e5a2d58a33ecaebc9b2e5f8a4fbeca57c829ae02fd2dc146e939c3d295ada7df4a07e74b356c6ffd7a9c546b9eddf7e013cbcb2b57ae0d225249f7e06a415681d9f597a060fd55e39bd56f04b863efeca458a0cbc54b660db50ca40d27a3fda3416860e691cfc780593f06b467700968bb918c32547e378b14b4e0dcd11cb0b2fb36ea70946ac62290184b4eed38b51c322a75367b50f558e063bf363341a17c28ddcbf9ce53da06f26303fd156423a25f686809bc9845a78e0cc3d94e04bc8da85f22a4a8ece2c4ac2c79e54dcc4eabc61e067060ad880377a71fe0c2c0305256e4f3c637575f086e4ae3d7ab5d106fde03d24c47dccba3da23a244c1f50a4f60cd8d71b77390c5ce6d5612fd0260a2f33389b064ae6acac783eca62874232fd3808fb2188151a43de6cebc7e245106183f7d929f1eeff6f972da3e3d967170247925fb0f04bf38e88d06321f9ff9d2c296553d842b69036a2b6de2aad3879aedee723ff00736f7b0dffe6182104105ff0f0b636f5192d6bb5ae7ef950825827d2f3d6285d83aedca3f31474e0ad50ce6290a0e546c30d900e5b4208ecc8b3aca0ba3d110fc3c0a7e004a53e5d0ba1cc1c2bb42c3dbcbb4ceb6674151932ae56f6b03cc34ce450c292fecd2456ddcf42b075e6fd49305fbf265a36f3cff61321dd60f16e844089d659130947672a2d059e04af9ef653e8afec926b5a5d411f60a2a435437095a1df8dc60a616bd1a1ce7b5251ed8f905becffebd635eee8ff0055c40f146f1350a406b853ecb005c6ede4dc270ce6751cff915aa27f5f6b0736da14c9949de599d57868c29cc97ad03bd89502a34b88ad29c8762d0dc24a6df759821882a32e70531cab51fa1752a4fc49cf0706cb24d203174b2940f29ef8b0ce65b40cfde4e0c7310c685cc8de8384e485a951192fa8c36c11f9b88a48caf027dca480caa4fccae70ea6c837eb82f926ad7691c7709f217220d71f6e374fb8522a84c118b5c25f3d56acfb25afbe676fc9e574b6c5a59c00a0bbeeff61fd82a1677f3da9bb596133db491a8f11b945d930c8a67de9ce80025c764d518efcbae25d9194dc96c31ed02c63b1ac976715f7233ffed7cb6e929bbb5afabd34bc37c095acd0abbbdb1ea48e40a30ac99550f0ccca19ecef5acb2604c48fffb53b352d114fac72d6fc019ddec558406668f773fed9476148133c0f9ca4d1fd7e70dd04bfa089dc57e5940f29a5fd33dc79913ff48853794fdaf891d71de94c4a4fed0544e09f2bd578b07003031b8602f08ca8a79fa5ebfd5477f4d4f031c3efe0db273446a99d0cbe21a3cf43f3b82774e4657bb4f9675adbaf71c52953f0b18a61e05a9c770536fbad215848f8238e8730b9085189ea4621780dac500d7d7dc7815b45e232f86592498f1515ac8c50306013524cc5f0a74b67bc85d435d332ce69f00641c86a3e91be84b78ac358f35b18d69679df4197d3be8554417cf44aee6dc623f68ce3388df18168efa1c87c776cbda792f6110b6af178eb8200a91dfb72c1e23b5e5a66b5a3ee3f4c2bba2ccac939dcb036006b86e894093922a95fd70baba9424a3d0327a0f209fe10b39f3cec3f669d301a2834e58fd56f94d622dccf653f08e776c9f3e1b0e5b3cdef133834b93c41c70438d51a0b127262868d49ca91623c3d8b75c2cce0b771b9ac941bb96029e782224a3686a7c0dd164e162ede667e0e5817e7bde85ad3bf30a6a5bdc420f751679be74a02f84aa93b971c3f45a67d155f7ecb1d5284660918dbf102bc16f496fb62a1290e6b88ddaff55740583cba13076afd623276634e0c11663be50766980949095003ef5bc6f90a98bbad436b67928513e70115224f672ca2a24e27bb98bd5288c49ea23d47ef13c5ff28c43ce53ca16a6caeccc1f601226253c4a38a88a93828f6c800547cadbaa6d7ad26db618cccd38a671507cad5ba0065ce2edba81a059b95c36c5d04ab456fd6fd81ec3738ebe546d973c0886a5e7b83dd9c2f58f5d6c19519e67575b3732a486555f8d8c4ae004a62e8d07ab2c8ef74cdb96aa99d75aeb1c25985996f281d71106910a3c3da17de35e04dbe00e2b7b75ec2fed177a7f2d04fbf68bd0b8af682b30911867d4d1497ba060b662f4e97a8e7fd3613015cc34302377497cd08bcdc29f06dae240820d2ccddbf8c95c76a4ba5d3e1b37a62369ce3f79fb74ebd9bc82c3fa3edad4034b6715c2853fa7781c974b5a4e541e8b69bf4bd653fcce4e4340d9409fe9112e4d253a3b7e9d43f4426127b10f2d5d3fcd2193490f7d933e0cc53dae552f2d7c9d77b8f9b27c59105cfae43a0aab314a0820fbb5684bf20986e3be215688b42938d272c4c0edd17bcdc84a514d2483456d6cfb4f5c1218859ee55bfc77da36c9c75734932a12fd03df38232063ed92024f8ee7c21f314129feb10670bb4d6a0ad4fb3dc57a64cfe6509a0770650cdec0efd5e0b1fd29433cf871c9ddbe648319bd481357326ac1eb32b4bef4ad89ab6122e92dc786decac88624a4a3963ae771f8023b9a92e446114764c53d7efc07e3ea77a9daac5cabbe648a223e249db62102ef7b7b6d06df46b6ff913911b89848a47aecc0563fb06b6d77fe1daf4541cf619105ab68e0bcdf7a05af22b0551323bf33dec8167df2b7fac62dc9e286dd3462f488c82ad194f7fd5d3ca72fe9c0c37cdb6d75684326e5cb30319ab333fc70bb197320acda161d2e685e78ac2cb1417223f64742b12a316d590b18a4173b2a105a381baf6f383ec2e81d04860b5cc536475d7c5d05bd6a7db1a5d93930bacba8c1de63707bd24785e19fc1f15ba724660ac00d0f2ebbcd5528b8cbe4f3ca332e8611e937a310fc79d234be6c1cd09d6a5cb06ab36a9d667188144c81f86aaf0851763573b36cc21462ba4f3d6e95d38d1e9b943085661d234ef6d079bc9d84c7447c85baba88263451ba10559e1ce326fee5074b26b54872e690a9a1e589e1c444daa3224b292bf9ec4a604dc512760084084f27386c89a1190b8905f0d720508c0ed69272f396725805480188aa4602a26e833c16aa5079c0577a8203ec0b2b929ef3b410bb427c168b7fefd1be652f06efc61c7a295a5d07a9fd61bd5bfe67ac5f74e485a66c92950a1b460257084ca3a3489943ad450300967234b487fa3def4010f9b715196562ebb0846b7ac3eba47646af6285582b4402f64aa684dff7d9cf81fbe1aa88959f7906f06839389f2ad56efb5029afe1d5ceac99a3e698f49ff0da7db06d7c9e94a8773a13fab93def139667b4dc6b741bd2769da7786acecbe315f9006bb6b72abe5bdc587d8d5aa8f67aaefef68197fd2e7874d9b7da2c3a5618720c12e8fc31db3e334c47abcbf10c6181ec14af4f9e90e19a35360a793b1e9b336e49b3ed67568a860cd4c298f967ba323d315821959629e5b7aaac367e1ddb8a1c5d61500afa69331a4c90861852f533657b28b97a343bc531a11ff634b157a6d859a35f0d2a595375e11a32457575f1d73da033bf5eeda12337b9fdd46bce192d3aaaa240a8c65bf47704d6aa64a9531f9de14a96fc9fe380db35dd5ec52321c67fb4c18abcaf22fbe8f602ed201232251317e1a1b71e1e2c924a92d84685de348eec97fed954b7f6681ddf521b4ee03a1aeb2e446ee2a7f4dfa37b1c53831139fc624c14dcc4d144ccdf758fd9f344b4cdc1df70f6a24fa78cab136c912d1ebffa7053ccbc9b9445762236dca409820f738370117d5c369dfc50fd42277f14eeaf29110aedcd503008c42914d04e219a8b6c01e337d04724919b07157e2275ba6365a9dba5ebc8019bd1aa1b8668023f64cf47e1b49b4fbcfc10d560bb74405c90751504db8100d8a8a1a3ff84d98f1262fbbd6b962f492b9531a7411c08e7e56eb0f838075f754b6a395b6b58a8e4c47eb46bfaba2ac94800a396749d18ba0e6219f8d616ec71a1e60b3bcc24e19d4a20ddbc6a871e6d7efa50a362610598d892a5adecbcfe217534deee3620dfc88c7992ec2e710e083ef0a50c20621405f654804d1af4f24d22b8ca48f26303e6969127a74f0b276a5624c3b84410d4d5ee3c62605876e60a88df2bd6e8db8c7e486fdb452178563e7add6bc126b721b9ef8b12181989b87031573a4010d88e34f15a2344e4808b74c99ad68f0c2aca4e8d504397c03e1328c4b1ec43fd902d206c3cfb63d7541ac57fdbc70b0033f87514286101231fe7e79668c802e1c23d61540cdf13a5e675b736e221ddc29ab747d9c64f6213f51d3c1ded2e2b0efc4e45183d90468f61ec1720f7a0b87947e2c54125cebe6563ee4415d886bbe869d17d36371c942c11db1e13c1dd40ed24cabaf7ee80eae6c4db934e982d9619d753dcd679c5650cd95d21582e31b259043a0d03371cd294f4cc028042c75070c9b534a2d79f164ab9d773295795280d1584ca664b53b263fe2e23534d27b0d85742fae8061e03187795129dd272041c6eb9c10c3406da1f752f4ca697bdbddd74975cd4dbba5687fb30ac4fd5d2579494eac73053a63821a852cf41a80f6668006f7e1c4e30b48d638ebab470c558d42baeed1adc8fc71f73e95f3ca212a4b009b508e89898727f805685e4e7650a2961d62c117d1ee9017236a6bffa0c36ae11bc52d346c83399e43c42cdb9f443aa307109a97ee66ceb7a29eeb2f1a2bb3ee1492229116db07301b2aa4126aee7775daa2d0eab4d206fae11b3c6b565dcc4c7b4dd1cf2abec81150d0629803f6eb221be384b8772fe6d6c4fa98c928a9d0a02e9ff8bb7a2168dbebe140323d93bee8983c496bccf752c372b795a3493624cefb3cfeb4307bd39826cac1ea3f18912deef1b8c8db30bc016990a477bc0a925fb36453a9e21354b2d7e6e3d4ca4dd20f27a8db05429d44b7a485365191dc4ba977a815958faf6434813a9f4046054763dd55dbb7fae892b746e169ae046ae3361a9f75cf622b03f75b1633da864395bd1c3a594fab0b1fb37f088dd1f2776e2b795c78635c2026a8ce7ff40968a1960786049a217dd8872ac0c01f4bafcf2d3d751dd46a5e1bec00540a9ca7afca3ef37575d4a8b1291d05be94913092890a9b4bfff39edbff307e5654896e79228777c0f8ea46c55bfe19e522bf457ab4e6b0167d776dbcd0160598370a12c4a03e4edc82b245a7608797b03d4ed89dfc2a5bf07b9fcb251fb8608553f3b3774818717a9aabe6b2ded811515ba454b390a6065bbc59552f3bfe51d38f139792e1aae60093a7c5770b52a1730feb1049c14a7d5261d644f6b738e22ee72aafa422bd93f61e1ccac0a5ef4726c66f61bb539acb937bd63da82c700c0860be90ce5621ced22b52b63d041266fc258fbfa6641aef22e97804e5138ad2ce4405eaf76bb0acd7fc61b2d6de4aabc5c28a850fcf219cff77c97d3cb6bec0067c171b912d11d82c56cbad56c0032a9657d4cdd1eacaca53f40f5e3fe911127e1cd30781351f180e1413933cee2d46ca0eea31ee01fe4e99a567edd0b10565d47b87c8a48366143e889e52d0ff13c920aea092c2545fa9b7056204fec156549d3c0a997bc1cf4a01338483bf5c69d6958ae038f1c3e3b84baeb2c1f9e064c0750602c34c6c483c316391d975f94f21f6dfe74e92c33228b408a9e2b9abcda33c497abba9c48a63e5c8f1a8d0f4c24d36a44e1601e8a09e8a5c7179bd4c44b17e542dd99cace87aab60a5e53325d544c991b6fa5deffa49fd886332980deeca9229cb2f67f495a7b743153854ed81e1623b12dbd65512d08a5732fee2db3fb455cf6df5a1701a2b8674633c6792162dc86ac76e30da225b0167a7e704ad33ba694f9c902afbeed58eef609874767053f59414d4d3eccbbcdbc7eba997c71f9b1f5139bb020d5dae1db6e2dcfbb51b5371b08bdbc3312b05ee6d8c03c8b5a7d4f23da45f276394f222b1a0bdf4e2603243cdba60ee0530387c88bb457ca9932f2283a4d55bb1195e6d325ed93f714e21908b1baafa467f1cec7fa26e5c384ee6828e77978bd1abd014de549a5e5966f2b2f4ba000f9d77f1abfe3a6c337cdb852c1ec59f61b63d543f3062dd2616a163ed7ca60168b0347b5c5646a678dafb4c502c333a0a48f0341b47f5c5946e42e571db0bfa0682a449ca64e71b5661a842975182399245c6de241512c67ac918d7e0c5cb66565010e881b8333567ca584321ead1c383b099d8bf1c56dac08cb218cde4226ad420d6d6313f9c4884d6394722304fdaa76e61db8c0d54eb1151344c41ce1130272928eecb2f9f0f23c752622374eb1223a80efcf0b937dff7d813d7be0340226c0a7b163741d9aecafcb7ddae5a219323323f621c802be82399e06d2e1cc582e759ffa303c5103f8a44d7129d2853b02e506abda57ad2836d7ff16f95232149fbeb8b62e586d3536bb4ae042ecd9e25d1dee789353071f9c89d4361000c47b763556e8902f1f25cbd8ae71679e03ff27db0ec75eeee3fccafc7fcf22c377ac60d3c61a43cb53abf6162118f2efc86a5ce80e69a02bc1db80018beeef6d567941232e4412a958ed012bf7a832c1eaf68134ecabc4927ad666b3d0f21d4e8d52fa37e0a9751124efed8bf47544299138a6f69d89e295677f12606c79b72451c263fca3eec22bf0c47c641159a0bbfb3b2b03154af533e5c06a149e52adcfae31bfc55f30064a8903c8d3b828d275a937b1e4adffa0597da5e253b50bd71b33f057ffeff0b2a0829b3bf33350fbe67c7c79034f80d69e6a21be495a848d328f416f15966491b218eab390544e39d498258ad80ddae248634c845cbe6f1c1e93e7c2b02075411e075fe936bcc75f4a4e1a3687cb3dbbb61cb31ddfbbc87a1859b3a48fccdd8e5915c8bf4eebe8f7093cef6a7a91c8682915f9908c854c483e90c9643467292884d284134dbaddafdbc74d94a5f9713719d62b4f6b4236803d210181847ca27129fde264156895f4e1822ef78a3b215ef56d7e36d2b94c93f5e931a0d13a3a3030061ce62de595eecf47eae6bf698530145757700df18f66fd7261a12c119d6679663b3c0f99d1705aebe66dc862eb21ccb7360b93f54507149b577abf521113991e06f345e8282fdc18de673e1ca7b188ee34b14f37f86ddcf97fef0b913c33cf8e5d5d33707dbcdbe4b27cef056670252f186735cdd02f6ed6bfe5318a704f00e34ffc4fda9855bf37c51be6a7423e44dd8a98883c8fa82ca37c90d681fb7a0db915576b50e49aff545b99aa3aa6343b814ba0bf64e53b2a1edcae2231bf20d65e4bb4da6dc8382120ede652adfb7c30a46e0ee784cbde74563d83eb8d89a1573fa104fddca9d4833c49dc904bda905426c7dee3e48b596c8ee201bea57fedb1a0649457eaac3c5b5f4519af3adb66f10b861e711cd4034448890e15047c2f8902588268b5645051f3f3968ed8d630e050ccef0d01b61ffeade51e4e72d8fd46bba4c20009396e984c424d174934a67a1930665fbea04c809e7cda0a2cdfd3a14d6b99c3a8d8b3691825830456876f188ff871fc861e4c6a0ca377dc1f0cb0f929f7eb1f5da045d9a588a393312acacca5c5a3b15bb1b488b08fc40ad65ae2c1df187eccd8377525a81d80df57579ae52f775fb2efdd172a41c370300fcc594c2635dcf50e9eb9d34fa8b4bbfd13078422e3a7734a8ae6cc09e39d07c7ee19838f8da4cbafe4162c8f8dc44e284840bd0a5c80bfc657c22e37e0d9a96dda34a51ce616c9ccdc95955cf85d93860da902ab30f11aa333eacc25c47981d8636038761ed4d84fcbb0ca92dd2e07863b9505b451c3c49e36a172527578123049ff2dc2b4e258a3f698a12ca4705a6fd0ce6bc4f1767b4d9c2e57c9ed1388527964ac96ff5e4cf5ad6fdb6a853b43905df32af8bd788b520fd526cbb95195a1bc00d654cb080acdf67938517a6cdac741d86730358be16465b4e1301f47f6a444c4e8d2980b8bd98a8dcd6617cde0b287e2d1f59167b5c445146fa49728111b8a2729428cabd02facb8fbddbdb2769680f288648d6baac53e0d909335da3e2b4c13ebd41f32820c9f491e9124ca444a0532f60e2816e15a5810baa91f64454aa355f9d362c7d1a461561689d08b1350a216b6f1bda57aae0706b3710a1b8e52a7e3084e600b5ee3dc540bba0c16267d549304a7840659a32e40070715c9bb912792d4a7b84fa06e73b9ddbc2f06c4edc19d25f5a198c7e3fc6226842e6215da5d826fcf5949612889f78e9de39d4e64b86b7033b5717a21f8f2b81c799a3fc0bfe6f5837b252eefa360c91a6148296bd19d50a343d909c1edf5261e70c8dfb2c488940cf236941ad3fd01247e37902a4bbfdd1839f7c92c260a2c494022fac08629303c8e54108d78ae2c94289c7f998ba3b622b48931ee7c17c59f5499d282467a1b8050acc94a0b17b21836c80b69f519b9b077d18e33c027faad562fa09f2cc6120f8cf5ee18cf7db9d729ffbb9de58885713215b7aebb8c98d9fa009be0a9ef3ceccdb2b31968db555b26c5c94e382d06ebf6d356e8caa85def5813dd1596d823924c4fb63dba5bd094cb64f204d1e59d31287715f831a1f0be95d8749f2166ba0b0b6b64a37991be1fe1c1e922835f2da0c074ec9413561d52166576b1c4f1e18f078dc046d1c284964b80217b55c59a474740c3649116b33e927479736bff6005859c7c00598f22cb8eca38af802f4c86836e8330492ac7ef3707890a8ff856dc7786ed769bba75b18484b257b3b022eeb51aa720639f79e6e6bd3d3c9a61f7822abe562867b4693f0b2f61135aaeaa510b31112efeec48d2602c6d4f2ddeeb51bb03ab18c18d8e127a37e22881febca47742b9332d3f2251003b1a46c40eca111d02446466b669568c70971bd33254ca577777f126f86f8a3665f065b645ff261e78e0f532e83a81b99c5de3488de74ca82daa0e4e7404eff911ae955acbb800f9f91b774e472bc14aa92817b6d85877b1861a6ca92c03c83b6f1490068bad8eab1f58c9e91e1029683de2ca45c99966966031ee86d8c9995f0612480e2a6d5396e8ae361d6fd2e24557613a1191f5019d4c8078628013512ea3a59532efffa6cfe4970d28d8c7aa8c866c4275ff2b0b4ef1a7e56854d7ee4bc445713da9349d13e30a4a802cb9db2f10280fd9ea043b5b3480441e8ed2d907eae1259befba9d87a04ce42b0010c70af157b90e0bf72549852fd122edd6cf3475f76852b13b4bf887cf32e25ad34aed7fd5a6e97b307f9b4ff1c07b2b55beef5ef3dd96eeb2a57720c18209d911a55341cee67e6ff577f7acaba01c2c9690b15a3b8aaa5b9d734196467a8c074b2eeeb5ae931ddf3deb15b1a8d603e72125c2e68ad206f2c4252a659f8248ff882a8e54126ebc0c77a46101072272460e683d465279a3695be6b64c9eeb4a576d95fd520be42eab5c95cbace0dfd80e2d67bab9f683a1cc9c006c02f0f90a21a0f51218c628f5608fbf1abc79aa63452bde1002383033578f32980e3779a8edeb226f6d3f9b36d8f07bddd7479b60346a4b4fa883940e3aef8ad8d834dad4405960a4409a6255e8753d0c0ad0960ff3ef48ce93fbe6b165e86eab36fccb8b989f5b54e6ccaa19749ff065a0a732d15c41b9072bbc6f07e1fd5a3df2775874e46b61ed50714e8c403fbed6884ec06f52ab71d2c191fcc56ac0b17ba3c46d2dab3e11c79383bd8867ff14b5fbca73b9ae594b6a09fb73a2e8f15aee59150e8d6d3dad9659025d045bbd1b9ca257c67bb78abe8f7eb9c8b3bc32951c41f7390bacc8c7059a2a9b078ab50413605aec604e4666a6ace765b0e7ab558fe6232f2703d07811e3d0ac5bf9434e87876e99250ee9db6527a8ccb4a3ee3bde738563c9746f941cf2cd7efacdbd2593cafdbe5171864b2982b54dc5a32c86638c0e650a331625033b8dd65851965ae791880349d5cd52548f4422a317f96ed79e7ccf3bd671e6dc70365f521c65206386eb1f99570a544d11b3d36fea285f8a3770ca303a965a0c1d598ebe3696e647be734ccf760d3d47dec75e236d7ac08019b6622a7b9f08bc8f0937ab75e75a047a7386befbd56fc4b2f89c852dadce8df946cb3fafe4eed2678caadf1a913ae32b2c0b8a37984cb700343c5e24609f8c5ddeff5e653837a9332a41c8e21466a13d79224125d5f6a4fef79b5adae7f4ab7d351c55400545edd3c00637bd27164828925e9bb5d79f1f1e6eb3270ab799ae38772f779565d92c47503de695f7aad7ddacda6f6c71e755b3737231b64715bf07849d3466e4f92239f733436ce674389bd16900", 0x2000, &(0x7f0000008b40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x90, 0x0, 0x0, {0x100000000404, 0x0, 0xc, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000}}}, 0x0, 0x0, 0x0, 0x0})
readlink(&(0x7f0000000040)='./file0/file0/file0/file0/file0\x00', &(0x7f0000000080)=""/167, 0xa7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000580)='mm_page_alloc\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='ext4_mballoc_prealloc\x00'}, 0x10)

2.934197041s ago: executing program 0:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
bpf$MAP_CREATE(0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0x8, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_ext={0x1c, 0x8, &(0x7f0000000280)=ANY=[@ANYBLOB="180100002020702500000000002020207b1a01ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000540), 0x10, 0x0, 0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000600)=[{0x0, 0x0, 0x0, 0x5}], 0x10, 0x8001}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0x1b, &(0x7f0000000340)=ANY=[@ANYBLOB="05000000000000009500000000000000b7080000000000007b8af8ff00000000b7080000380000007b8af0ff00040000bfa100000000000007010000f8ffffffbff8735d859a25a504e502ca1d6aa400000002000008000000182300", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a500000018110000", @ANYBLOB="0000000000000000b70200000000000085000000860000000500feff0000000085200000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000018"], &(0x7f0000000440)='GPL\x00', 0x401, 0x93, &(0x7f0000000480)=""/147, 0x41000, 0x0, '\x00', 0x0, 0x11, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0xa, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x7, &(0x7f0000000780), &(0x7f0000000980)=[{0x1, 0x1}, {0x1, 0x0, 0xf, 0x1}, {0x5, 0x2, 0x6}, {0x0, 0x0, 0x0, 0x7}, {0x0, 0x3}, {0x0, 0x1}, {0x0, 0x3, 0x0, 0x8}], 0x10, 0x7}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9, 0x84, 0x144}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r4}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, &(0x7f0000000840)=""/121, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r4}, 0x38)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)

2.919270554s ago: executing program 2:
ptrace(0x10, 0x1)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, <r1=>0x0})
ptrace$poke(0x4209, r1, &(0x7f0000000000), 0x0)

1.980348527s ago: executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004540)=[{{&(0x7f0000000040)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000180)="15b26f226e2966667482d50703b0a8d92ccd9e69d5cc4cb3d467a670b237a9225fb56c0f7ea725dee27c4bb43bb50c6748c83b71d59f0537405dfab648c096607340fac939a2efd31cbe2f8ca29c409e87ea0974b7bceff9afef5dffd691575f5115f2f961ad488e3386036913e98181a6034febaab853a3e928b9035b0e3a8e1cb393c70f6d0448970e0af2476f8b923ee09c19deca55d58f70e8eeff55dda6381cb96afe97196c0af0a8fd450a1447a1a521e2c211fb84cbcf4aebd31298972ec6be", 0xc3}, {&(0x7f0000000d80)="7d68e6de85f9b0cbc9d710267f321ec64eab043ecad9af7e01e9463218ec45924a99867163e468d36a682fadd749caa325e685d75559a87139e02fae7271be8f55671cfd32a09896278d1941370174720838039d0989bc3394b8a4c4f4a30f0496be313d6d60fe47966c634a3ee1f659e8ef310647725bda0130d5de5028220a4cf5fc808a75694738ee26cb21302b4bba4265b845a5d5dce706d9820c6936b122f9658446d74a9016b94424971dd443a6907eb5c73b6b200e92b23f2c36a214729b0bc231511e4c", 0xc8}, {&(0x7f0000000380)="73fd71361e8d6c80ae1bc9953e2a4aeac7a314273066fc7f65a51969b46df1774bb0be94ccd4824f2d57ad2cd37242b1258402395481f9f07e067652e52aa8ccefcd0962ba0c48757b68d493f3ad702e65d4daa7dfc1605a173185472ae12470eea64c70ef4e64793b8a830447de0f423bef3964934eef4243cac42939ba6fa68d821b9373b5f3e2c26e7ca75ed8fb3203aef3a6637cecdd0251532b99537e02f604058f50e66c8a657d59beeed127695475f082d3d2b9790181fc987ad000ac00887d1506be89f388ecb405660b4ea196ee8f5a92b12ec43bbf49567db613d478ebe2358364f7600bf4f80ef4b2756fb13416c4fa22880cc96a03f07888575aedb001d5a74bb2f906797912b5ac080a0a3d361425f1a92ab03bbe65d5dcb235f43b5ad1162a16ebdc647baac013bf076945126cdd5a080853976a97ad55184601102fbb8df86b21aa8162858d74465c5fb7dc766602a3567f6eaf441f85ec50ca7fb3a4fdb450d1420531da25d01a412958a5e3895c59542238cf8e188e7fb5641eb24a5f1819bf8d2e9dd6c1d0e93564d723e311db9cd268bb1e477036e822b135cdbaf40f812aa7db01d22c829ab01ae24997dae96ddeed49e62d285701d5419e3f94a8b95790cf5a296ed15bffae1f71470c6a6eda872528844a2df42590d898630263cab5cccec57b7cea365ad8c91bfbe7cb419635ce6bf340a56115c0ad922b6fade9538e543bc5def2a85d35ab16d20c219c4733837be2c14ba4d3d32c3a6882ce6857626f55109b4cdcb634425d710bf3108f9b31b4af0cc17a58e49e871a56126dd8bed08e038ba64008587237b3442d28032e52fc9fae1a5784ba59d0edfa03d38352724903ed6f6970b3f4dfa6e40bf933b6765c6ee648174765f1e8ec71b80cac86abd065a3005b40a43a665707cc590997c5048183006a9dd8026d39def05950183b3d4f12f4e1644ef78cddac7c5569985c2c232bb350f28857675339e53f63a868704d2e0b38993dc57a02d3e297fc9a5b9384622841018c303a05bac25d509df5a2d0e3232927283fcc3ec67e4fa7b71d22f115cf693851dcceab4bce38cbfbb32829e211cdcb6a359e14fe416663541050d340aef2555dbd292bd9cbab8fcf20378149cc994569c2bc95fb33fd2d9321b8ac8e5160b02e202492f470eb719a8f2ac3a4be37ea0918b54b14789b7aa228d47f7b13fd9af608740c5a8fe02109a7cc0e555b22628ef790e513ecadfd338d30aed8ca219e64ee4fb0bd0e21e5101bf2072ffa071eb1aa0454caccc015ff1e166813f819a142b56a22e4ff387bb319288a0ef747c6fc8fdee3a0e193b0d086eb816e97e0322fcdaa30da61cd26ac9d8d0748fccd911ce0fd4adc953e9486e137fe66bc8aedfd5b78c562ebfc578ac9f96a453311766564541e16955e30b95914e9411a0b4cd95e0d8732d5ff7a4f921ef41d986a195334266585353b16b9449955523913a30c087532bcb899f733af3abea59baea174cf04359547a633b5f8a582ae3ef12a1d0125bef8c6e8c9fb589d3597c5ab3879491b0c5e3607203f06836a6805d3f7979c4325f9fecb2aceddedb272237132460cda812ef7d613a585898d59f92ef68ec95f12b47b440f6d899ecbfab48055e0c1605ba4cd9dbc17c4cbfec8a953ebbd38c45a6737a57ee58e21a20e530171137968ae4f0d0366cdb0b9d6a4667b011fcd7cd9e77364e5221989d8f0d80793260e748e3bd394849c090c744f6044328304cd6f02e941c5405647daffc1fd2f2864b37f92bbf4931c8e4a7c6bafd0ea79d39d330e70e6776bf6a926de227e5a43653bba04883e98d67bb64aa86e8bf271ba87604bc598e47f2992c7618ad25068860a481554b53352c7339de7e79c3bd1aed5bef8f398432858c888a5d8651969ea40eb3d486e9fe61d49b20500fdfd1548f567da970103d36730657c35d03d2c36b142665f62203b1fb12d616478cfef6f38b34cda87a634dd06d359f33e98b94a5e5b46b2a8d73126352d1d5b65af75055455cc903e384c41876fbdff935d047284d9d203b147a6ba0e9cb50beef7798886c33d2f2f0c0d9abe0e32c7c809f8b0b28fc59471987353c862a311776b8275bf319d5cb9a59f8f103b6e567ef5dd8859973cc3fe41e356bf5bd3186240e49286977eca36a8ad44185973b276cd7958b73e14a221b7fd567818bebf54ad27ee95161bd2aeeb356482ff467500a7d36f0464f58a591ec6b728f984ec78d0abe14c6d3411ac3ffc4c3179d1f95d029f26cceb545723519d3d4209a2b1243e78767273c13dc2bd320512674b6f1a50313bae7b9d16aebb476dbc829e8fd8dd46a1696efaff5795cf75de57c90f05ed9ef4a5cdfbf20d3d9ed95fb4114b1d5c9ade0856212e7ba330ce5bccf2c993dff89112b28bd3b17d3fcfacef7590f62bf948977dd79e2d8025946c80bf263e34035409b5ba1443d4929727180761bd56d258c3670a0aa4de21111fc3172367582de2d164ff3a18d0696b8dd8e5c1423b2ea1e2c0cfe141e4cf04f8cdaed48976b94c40d6a581300458661bbdbfeeb4969af6319eb1798843d0872f68f0c6537bbc9c7dd1e9b0564bf442d8d25f8aa884aba1df074d374f99750d9227bb821ba0355f60de2829a5c8cd47c89d29a2e3d7d53d59db5c3ace8f484664202c210c68a3b33076fb00d59938e84fbad6d6618c0bb89cf94035fa2de4da351e0d71df416450ea7ec3af33aa5c0313c63e654bd79c73b39dc1933636956761058d76648746daca469f8fce62c17a8160cdefc6a927eef9ec4a8dd684e46f35282546ce2362ab8afedd39bf699fd7c2cde538f52ea43c08558f42ba77b2986b800c45fa76a130b30919b3e1d504573e3c1e7dd2dc5d81379df53d736511f1da4ad8791e46adb27bb5c38129e89edda0aed99dcc03fe400f7d05d48e3e9e17744e8487f8ac464c86f7332211fb9799e9d27a6832d5f17ccd1a2da255f6da047e4728dd80860c04391bca4b7833f0346866401ec20033bcf6dfa85fd1520de5a03b4f9f6f5d2f8d7b6e7d7df1cbe5c05e23e080cf335639c94c48aaeb0bfebbe79530d67d35fb101c91839954c0e50dd4b90a86428b22b0be1e906fee30f68d7ce4bf9c68eafe695f07f5e4e4d473d77104b7b1b5dcfeb84e8c83624c0068d4e1cccfe740f8e5d5699603f8481ef2a1f2d4b8fd2314c5cb1985fe34cf8ede7d2e8bddea269422490903489c7f5951114d7ccb29a19455a987d538955712a460243105b25ccb6e6f34c370a6bbb234bee150dbcea5188e45305253f1014f7c0b5d60d517d2d05707f5ca9249a921d6c5307caf41deca0509b49102d801320db65c00f6e1c05fb8c2e1cc554673bf6168dd64086b19af28eec508fd0c304837e802173ac9947c4d73929c61d9632ab929a25f2a04350954612c2de705c1c25215284fe933fc8ccfd30ab3fc9ff5e04dd68d4720d95a29d6da176ac9d332c9ce77358f3c262777ea828fe6473638bc77be2aa586a3733e275744bc42c3742c1ad8f89d25c31958902f2f498c58fc85e9b78fb7a331734cb081cfa9ccfd262df927c0ff46983f8765af4add3532de2b91f2436df028", 0x9fd}], 0x3, 0x0, 0x0, 0xfffffdef}}, {{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000001700)="c9", 0x1}], 0x300}}], 0x3, 0x240080e4)

1.974767048s ago: executing program 0:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000080), 0xfd32)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r3, 0x400455c8, 0x0)
bind$bt_hci(r2, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)

1.430403817s ago: executing program 3:
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x4, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400fdff00000000dd0a00000000000073019d00000000009500010000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x19, &(0x7f0000000000), 0xb5, 0x10, &(0x7f0000000000), 0x7, 0x0, 0xffffffffffffffff, 0x68000000}, 0x48)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f00000000c0)='cgroup.max.depth\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000180)=ANY=[@ANYBLOB='-7'], 0x9)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0)=0xffffffffffffffff, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000fc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911b4e82ea800ad7afe03c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62418c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f0000000300)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
recvmsg$unix(r3, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1, 0x0, 0x2}, 0x40000100)

489.62374ms ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000200))
ioctl$PPPIOCSFLAGS1(r2, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f00000002c0)='\x00!', 0x2}], 0x1, 0x0, 0x0)

433.232559ms ago: executing program 1:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000080007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x3, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000047b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1e0306003c5c9801288463"], 0xffdd)

389.913706ms ago: executing program 3:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @address_request}}}}, 0x0)
sendmsg(r2, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

382.092258ms ago: executing program 3:
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'erspan0\x00', &(0x7f00000001c0)={'gretap0\x00', 0x0, 0x0, 0x80, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000050000f55802"])

361.328871ms ago: executing program 3:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x2c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000240)={@fd={0x66642a85, 0x0, r0}, @flat=@weak_handle, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000680)={0xc, 0x0, &(0x7f0000000640)=[@enter_looper, @release], 0x50, 0x0, &(0x7f0000000780)="cbf0cb20191ec155fb04504422f67c13d06eeafce3baecf9ac1f2b172ca71f76774a7c4502424572594cdfe91d7db487bbb7fc688bf21a598e608849d6b520362e903c9dd20f791d720cfd1d912e6cd0"})

353.328632ms ago: executing program 1:
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
r1 = openat$incfs(r0, &(0x7f0000000180)='.pending_reads\x00', 0x0, 0x0)
ioctl$INCFS_IOC_CREATE_FILE(r1, 0xc058671e, &(0x7f0000000480)={{}, {}, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)='\x00', 0x0, 0x0, 0x0, 0x0})
r2 = socket$inet6(0xa, 0x1, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10)
bind$inet6(0xffffffffffffffff, &(0x7f0000f67fe4)={0xa, 0x4e20, 0x0, @dev}, 0x1c)
syz_emit_ethernet(0x2e, &(0x7f0000000200)=ANY=[@ANYRES64, @ANYRES64, @ANYBLOB="028dfcde98", @ANYRES32, @ANYRESDEC, @ANYBLOB="6727bc4d4e6a58a13366e9feb8480f5592e6249b629827b84cb3940bed941103875447f222c9ebb37368eac223728e377a7f1002ca820c3cb309f5e80d676e4ce7b606fb6daba90bea6e7a09eb09f312c51e936ca9585ee9e3dd212574223966246b0327b3270b442ce034de2227bbf2cb2bd7f848d8c9027b707255bd676a6e164ce852de5c2cb15697470dc71ff31bbc5d867a2d771abdc508ffd75b8e98987bee8d2d829484a8c0de9607b497b5057d72179986dcb49cd6aabc1fc48f21b0e022308475058841bf279aba21af708918b5841883e7ae61cb951724ce"], 0x0)
r4 = dup2(r2, r2)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r6=>0x0})
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000100))
r8 = openat$cgroup_ro(r1, &(0x7f00000003c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000100), 0x1000a)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r8, 0x0)
r9 = socket$inet6(0xa, 0x3, 0x7)
getsockopt$inet6_buf(r9, 0x29, 0x3d, 0x0, &(0x7f00000000c0))
ioctl$BINDER_WRITE_READ(r7, 0x40046207, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r4, r6, 0x25, 0x14, @val=@perf_event={0x80000000}}, 0x40)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'veth0_vlan\x00', <r10=>0x0})
ioctl$sock_inet6_SIOCDELRT(r4, 0x890c, &(0x7f0000000100)={@remote, @private1, @empty, 0x0, 0x40, 0x0, 0x100, 0x0, 0x20d008c, r10})
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000000, 0x10, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_open_procfs(0xffffffffffffffff, 0x0)
fchdir(0xffffffffffffffff)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)

347.027233ms ago: executing program 3:
r0 = syz_usb_connect$hid(0x0, 0x6c, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x27b8, 0x1ed, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000380), 0x400, 0x0)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0xe4}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x10)
fchownat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
nanosleep(&(0x7f0000000080)={0x0, 0x4c4b40}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
syz_usb_control_io$hid(r0, &(0x7f0000000b80)={0x24, 0x0, 0x0, &(0x7f0000000b00)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x0, "efb9ce47"}]}}, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)

318.638188ms ago: executing program 1:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='sys_enter\x00', r1}, 0x10)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = dup(r2)
fgetxattr(r3, &(0x7f0000000180)=@known='system.sockprotoname\x00', 0x0, 0x0)

310.438979ms ago: executing program 1:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000170000009520000000000000"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x99, &(0x7f0000000580)=""/153}, 0x80)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x18, 0x5, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000005000000850000002a00000095"], &(0x7f00000000c0)='GPL\x00', 0x4, 0xad, &(0x7f00000001c0)=""/173}, 0x80)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'veth0_vlan\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f0000000180)="0b031407e0ff640f020047540f68a13bb1000e00080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
lsetxattr$security_capability(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0), &(0x7f0000000300)=@v2={0x2000000, [{0xd46, 0xc82a}, {0x26b2, 0x2}]}, 0x14, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='neigh_update\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000d80)='neigh_update\x00', r0}, 0x10)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000040)={{0x2, 0x0, @multicast2}, {}, 0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'ip6gre0\x00'})

172.053982ms ago: executing program 1:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0)
readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

0s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x7, 0x4a9, &(0x7f0000000b40)="$eJzs3E9sFFUYAPBvtru0gEhFREHUIhobjS0UFA5eMJp40MSIBz02bSFIoYbWRAjRkhg8GhLvxqNXD17Vm/Fk4hUPHkwMCTFcAE9jZnem3e6flrbbLri/X7L0vZk3+963b97s23m7BNCzhrJ/koiHIuJ6ROysZZcWGKr9uXPr8sTdW5cnYj5NT/6TVMvdzvK54rjteWa4FFH6Iml4wprZi5fOjk9PT13I86Nz5z4enb146eUz58ZPT52eOj92/PjRI4ePvTr2yuqDalFfFtftfZ/N7N/71ofX3pkoF9sH8r/1cXTKUAy1akrV852urMt21KWTchcbwqpk53/WXZXq+N8ZfaHzoFekaZr2t989nza60rQFeGAl0e0WAN1RvNFnn3+LxyZNPe4LN0/UPgBlcd/JH7U95SjlZSoNn287aSgiPpj/95vsEcvdh/hzgxoAAPScn04UM8HG+V8p9tSVezhfQxmMiEciYldEPBoRuyPisYhq2ccj4onGCpKIdJn6dzfkm+c/pRvriW8l2fzvtXxta+n8r5j9xWBfntsRUUyYpw7lr8lwVPpPnZmeOrxMHT+/8ftX7fbVz/+yR1Z/MRfM23Gj3HCDbnJ8bnzNATe4eSViX7kx/qScdVyxEpBExN6I2LeK5x2sS5958bv9C5nK0nIrx1+VtlxH68BSRfptxAu1/p+PJf2/WGOy/Prk6EBMTx0azc6CQy3r+PW3q++2q3/F+H/4q/GQN4/9eHK9YS/I+n9b3fkfxfrtYvyDSUSysF47u/o6rv7xZfV5hw4271vr+b8leb+a3pJv+3R8bu7C4YgtydvN28cWjy3yRfks/uGDrcf/rvyY7JV4MiKyk/ipiHg6Ip7J234gIp6NiBahLfjl9ec+arfvHs//DZPFP9ny+rek/xfX69eQ6Dt74PrdNhePe+v/o9XUcL6l9fUvWXKJuNcGduAlBAAAgPteKarf/S+NLKRLpZGR2j2g3bGtND0zO/fSqZlPzk/WfiMwGJVScaerdj+4khT3Pwfr8mMN+SP5feOv+7ZW8yMTM9OT3Q4eetz26phPmsZ/5u++brcO2HB+8gO9a6Xxv+faJjUE2HTe/6F31Y3/+TZF5n1TBv6fvP9D72o1/j9fwzHAgyU1lqGnGf/Qu8rx3kK61NWWAJvN+z/0pPX8rn/lRNrfetdANBeOgY1pxtYWdXUlkc2sulL71rUcVfxvCm3LRGl1T9gfzbv6otMhVyJixcKn93T85E/z78p3uge/35Rx2irRlcsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAx/0XAAD//8p53a4=")

kernel console output (not intermixed with test programs):

z
[  122.426093][ T1646] usb 5-1: SerialNumber: syz
[  122.431904][ T1646] r8152-cfgselector 5-1: config 0 descriptor??
[  122.538699][   T26] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  122.549602][   T26] usb 3-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  122.559187][   T26] usb 3-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  122.568100][   T26] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.604020][   T20] usb 1-1: USB disconnect, device number 14
[  122.720649][ T1646] r8152-cfgselector 5-1: Unknown version 0x0000
[  122.752509][ T1646] r8152-cfgselector 5-1: Unknown version 0x0000
[  122.759179][ T1646] r8152-cfgselector 5-1: USB disconnect, device number 15
[  122.848710][   T26] aiptek 3-1:17.0: Aiptek using 400 ms programming speed
[  122.856364][   T26] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input23
[  122.865421][   T26] input: failed to attach handler kbd to device input23, error: -5
[  122.874494][   T26] usb 3-1: USB disconnect, device number 15
[  123.213180][ T4471] devpts: called with bogus options
[  123.318136][ T4491] loop3: detected capacity change from 0 to 128
[  123.383203][   T26] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  123.394545][ T4491] FAT-fs (loop3): Unrecognized mount option "ÿÿ" or missing value
[  123.552917][ T4491] loop3: detected capacity change from 0 to 512
[  123.611293][ T4491] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  123.623472][ T4491] ext4 filesystem being mounted at /root/syzkaller-testdir1581456971/syzkaller.fPd9tM/146/file0 supports timestamps until 2038 (0x7fffffff)
[  123.650564][   T26] usb 2-1: Using ep0 maxpacket: 8
[  123.674013][ T4491] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents
[  123.686188][ T4491] EXT4-fs error (device loop3): ext4_dirty_inode:6024: inode #2: comm syz-executor.3: mark_inode_dirty error
[  123.698086][ T4491] EXT4-fs error (device loop3): ext4_do_update_inode:5191: inode #2: comm syz-executor.3: corrupted inode contents
[  123.710250][ T4491] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #2: comm syz-executor.3: mark_inode_dirty error
[  123.731302][ T4491] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #2: block 22: comm syz-executor.3: lblock 0 mapped to illegal pblock 22 (length 1)
[  123.750600][   T45] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm kworker/u4:2: Invalid inode table block 0 in block_group 0
[  123.763581][   T45] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm kworker/u4:2: Invalid inode table block 0 in block_group 0
[  123.776451][   T45] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm kworker/u4:2: Invalid inode table block 0 in block_group 0
[  123.778903][   T26] usb 2-1: config 135 has an invalid interface number: 230 but max is 0
[  123.789257][   T45] EXT4-fs error (device loop3): __ext4_get_inode_loc:4340: comm kworker/u4:2: Invalid inode table block 0 in block_group 0
[  123.797401][   T26] usb 2-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  123.810960][    T8] EXT4-fs error (device loop3): ext4_map_blocks:602: inode #3: block 13: comm kworker/u4:0: lblock 0 mapped to illegal pblock 13 (length 1)
[  123.819993][   T26] usb 2-1: config 135 has no interface number 0
[  123.834056][ T2103] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  123.840033][   T26] usb 2-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  123.847917][    T8] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  123.872944][   T30] audit: type=1400 audit(1718610387.254:981): avc:  denied  { execstack } for  pid=4503 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  123.904225][ T4508] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  124.024730][   T26] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  124.035981][   T26] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.045056][   T26] usb 2-1: Product: syz
[  124.049615][   T26] usb 2-1: Manufacturer: syz
[  124.054291][   T26] usb 2-1: SerialNumber: syz
[  124.099681][ T2103] usb 3-1: Using ep0 maxpacket: 16
[  124.333035][ T1646] usb 2-1: USB disconnect, device number 18
[  124.365197][ T4532] devpts: called with bogus options
[  124.381100][   T30] audit: type=1400 audit(1718610387.740:982): avc:  denied  { connect } for  pid=4533 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  124.403901][   T30] audit: type=1400 audit(1718610387.759:983): avc:  denied  { write } for  pid=4533 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  124.420242][   T26] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  124.516525][ T2103] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=ed.ec
[  124.525568][ T2103] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.533305][ T2103] usb 3-1: Product: syz
[  124.537308][ T2103] usb 3-1: Manufacturer: syz
[  124.541748][ T2103] usb 3-1: SerialNumber: syz
[  124.546754][ T2103] r8152-cfgselector 3-1: config 0 descriptor??
[  124.548176][ T4538] loop0: detected capacity change from 0 to 40427
[  124.604953][ T4538] F2FS-fs (loop0): Found nat_bits in checkpoint
[  124.633562][ T4538] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  124.648759][ T4538] attempt to access beyond end of device
[  124.648759][ T4538] loop0: rw=2049, want=53376, limit=40427
[  124.660623][ T4538] attempt to access beyond end of device
[  124.660623][ T4538] loop0: rw=0, want=53376, limit=40427
[  124.674558][ T2689] attempt to access beyond end of device
[  124.674558][ T2689] loop0: rw=2049, want=45104, limit=40427
[  124.751625][  T314] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  124.802354][ T4552] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  124.811489][   T26] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  124.823258][   T26] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  124.832975][   T26] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  124.841796][ T2103] r8152-cfgselector 3-1: Unknown version 0x0000
[  124.841801][   T26] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.879949][ T2103] r8152-cfgselector 3-1: Unknown version 0x0000
[  124.886751][ T2103] r8152-cfgselector 3-1: USB disconnect, device number 16
[  124.893725][   T30] audit: type=1400 audit(1718610388.208:984): avc:  denied  { mount } for  pid=4555 comm="syz-executor.1" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  124.916412][   T30] audit: type=1400 audit(1718610388.217:985): avc:  denied  { unmount } for  pid=2574 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  124.951964][ T4562] 9pnet: p9_errstr2errno: server reported unknown error õ1 g;-‡~	
[  125.011621][ T4566] device pim6reg1 entered promiscuous mode
[  125.125822][   T26] aiptek 4-1:17.0: Aiptek using 400 ms programming speed
[  125.133696][   T26] input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.0/input/input24
[  125.142805][   T26] input: failed to attach handler kbd to device input24, error: -5
[  125.151908][   T26] usb 4-1: USB disconnect, device number 14
[  125.157889][  T314] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.168957][  T314] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  125.182532][  T314] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  125.193736][  T314] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.283983][  T314] usb 5-1: config 0 descriptor??
[  125.564126][ T2103] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  125.793038][ T4592] loop3: detected capacity change from 0 to 256
[  125.821211][ T4592] exfat: Deprecated parameter 'utf8'
[  125.828866][ T4592] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  125.840714][ T2103] usb 1-1: Using ep0 maxpacket: 8
[  125.843009][  T314] plantronics 0003:047F:FFFF.001A: unknown main item tag 0x0
[  125.853052][  T314] plantronics 0003:047F:FFFF.001A: No inputs registered, leaving
[  125.903143][  T314] plantronics 0003:047F:FFFF.001A: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  126.002763][ T2103] usb 1-1: config 135 has an invalid interface number: 230 but max is 0
[  126.010911][ T2103] usb 1-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[  126.021138][ T2103] usb 1-1: config 135 has no interface number 0
[  126.027439][ T2103] usb 1-1: config 135 interface 230 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  126.028839][ T4596] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  126.184436][  T314] usb 5-1: USB disconnect, device number 16
[  126.226969][ T2103] usb 1-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[  126.235829][ T2103] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.258982][ T2103] usb 1-1: Product: syz
[  126.263079][ T2103] usb 1-1: Manufacturer: syz
[  126.267513][ T2103] usb 1-1: SerialNumber: syz
[  126.390756][ T4604] device pim6reg1 entered promiscuous mode
[  126.560997][ T1646] usb 1-1: USB disconnect, device number 15
[  126.825667][ T2103] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  126.979300][ T4636] fuse: Invalid rootmode
[  126.985573][   T30] audit: type=1400 audit(1718610390.172:986): avc:  denied  { getopt } for  pid=4629 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  127.134841][ T4639] loop2: detected capacity change from 0 to 2048
[  127.279226][ T4639] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  127.336309][ T4647] loop0: detected capacity change from 0 to 256
[  127.350025][ T4647] exfat: Deprecated parameter 'utf8'
[  127.357397][ T4647] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  127.499214][ T2103] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  127.510125][ T2103] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  127.521497][ T2103] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  127.530390][ T2103] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.539082][ T4649] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  127.884353][ T2103] aiptek 2-1:17.0: Aiptek using 400 ms programming speed
[  127.893066][ T2103] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input25
[  127.921037][ T2103] input: failed to attach handler kbd to device input25, error: -5
[  127.933601][   T30] audit: type=1400 audit(1718610391.061:987): avc:  denied  { nlmsg_read } for  pid=4666 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  127.935940][ T2103] usb 2-1: USB disconnect, device number 19
[  128.061063][ T4672] loop4: detected capacity change from 0 to 1024
[  128.173810][ T4674] loop3: detected capacity change from 0 to 1024
[  128.212726][ T4665] loop2: detected capacity change from 0 to 40427
[  128.233168][ T4672] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  128.271596][ T4665] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  128.289618][ T4665] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  128.324603][ T4674] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  128.346614][ T4665] F2FS-fs (loop2): Found nat_bits in checkpoint
[  128.387380][ T4665] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  128.394285][ T4665] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  128.438234][ T4690] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  128.455604][ T4690] kvm: pic: non byte read
[  128.460024][ T4690] kvm: pic: level sensitive irq not supported
[  128.460104][ T4690] kvm: pic: non byte read
[  128.470382][ T4690] kvm: pic: level sensitive irq not supported
[  128.470432][ T4690] kvm: pic: non byte read
[  128.480864][ T4693] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  128.488378][ T4690] kvm: pic: level sensitive irq not supported
[  128.488596][ T4690] kvm: pic: non byte read
[  128.514440][   T30] audit: type=1400 audit(1718610391.594:988): avc:  denied  { connect } for  pid=4695 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  128.542583][ T4696] x_tables: duplicate entry at hook 2
[  128.545606][   T30] audit: type=1400 audit(1718610391.622:989): avc:  denied  { write } for  pid=4695 comm="syz-executor.0" laddr=fe80::a lport=1 faddr=fe80::bb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  128.571643][   T30] audit: type=1400 audit(1718610391.641:990): avc:  denied  { create } for  pid=4699 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=tcp_socket permissive=1
[  128.895768][ T4710] loop1: detected capacity change from 0 to 1024
[  128.952829][ T4717] device syzkaller0 entered promiscuous mode
[  128.963039][ T4710] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  128.987736][ T4721] loop2: detected capacity change from 0 to 256
[  129.020318][ T4721] exfat: Deprecated parameter 'utf8'
[  129.027976][ T4721] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  129.030137][ T4724] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  129.079925][ T4730] x_tables: duplicate entry at hook 2
[  129.118643][ T4738] fuse: Invalid rootmode
[  129.241697][ T1646] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  129.779029][ T4748] loop3: detected capacity change from 0 to 2048
[  129.790274][ T4751] loop0: detected capacity change from 0 to 1024
[  129.881000][ T4751] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  129.939187][ T4752] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  129.961227][ T4748] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  130.163531][ T4757] device syzkaller0 entered promiscuous mode
[  130.307709][ T4762] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  130.372382][ T4768] x_tables: duplicate entry at hook 2
[  130.385719][ T1646] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  130.401918][   T30] audit: type=1400 audit(1718610393.371:991): avc:  denied  { mounton } for  pid=4769 comm="syz-executor.3" path="/root/syzkaller-testdir1581456971/syzkaller.fPd9tM/174/file0" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=dir permissive=1
[  130.406842][ T1646] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  130.454933][ T1646] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  130.469559][   T30] audit: type=1400 audit(1718610393.427:992): avc:  denied  { map } for  pid=4773 comm="syz-executor.0" path="socket:[36138]" dev="sockfs" ino=36138 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  130.473924][ T1646] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.545615][ T4782] fuse: Invalid rootmode
[  130.547423][   T30] audit: type=1400 audit(1718610393.511:993): avc:  denied  { ioctl } for  pid=4779 comm="syz-executor.0" path="/dev/usbmon0" dev="devtmpfs" ino=135 ioctlcmd=0x9207 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  130.625016][ T4747] loop1: detected capacity change from 0 to 131072
[  130.642975][ T4789] x_tables: duplicate entry at hook 2
[  130.657358][ T4791] loop0: detected capacity change from 0 to 256
[  130.672060][ T4747] F2FS-fs (loop1): invalid crc value
[  130.682048][   T30] audit: type=1400 audit(1718610393.633:994): avc:  denied  { mounton } for  pid=4793 comm="syz-executor.3" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  130.758936][ T4795] loop2: detected capacity change from 0 to 2048
[  130.767385][ T4791] exfat: Deprecated parameter 'utf8'
[  130.794390][ T4791] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  130.842838][ T4747] F2FS-fs (loop1): Found nat_bits in checkpoint
[  130.913670][ T1646] aiptek 5-1:17.0: Aiptek using 400 ms programming speed
[  130.925100][ T4795] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  130.937525][ T1646] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input26
[  130.949822][ T1646] input: failed to attach handler kbd to device input26, error: -5
[  130.967928][ T1646] usb 5-1: USB disconnect, device number 17
[  130.979347][ T4747] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  130.995430][ T4793] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.002520][ T4793] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.010933][ T4793] device bridge_slave_0 entered promiscuous mode
[  131.017901][ T4793] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.024739][ T4793] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.032147][ T4793] device bridge_slave_1 entered promiscuous mode
[  131.093441][ T4793] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.100300][ T4793] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.107534][ T4793] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.114444][ T4793] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.138675][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  131.146434][  T613] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.153561][  T613] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.167718][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  131.176029][  T300] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.182872][  T300] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.191888][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  131.221254][  T300] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.228178][  T300] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.296319][ T4805] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  131.333933][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  131.366181][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  131.382892][ T4793] device veth0_vlan entered promiscuous mode
[  131.390623][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  131.398735][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  131.406880][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  131.414547][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  131.426317][ T4793] device veth1_macvtap entered promiscuous mode
[  131.434134][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  131.441365][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  131.448791][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  131.457012][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  131.473780][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  131.502341][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  131.511155][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  131.529832][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  131.537913][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  131.583270][ T4825] device pim6reg1 entered promiscuous mode
[  131.892672][ T4837] netlink: 'syz-executor.3': attribute type 5 has an invalid length.
[  131.956851][   T30] audit: type=1400 audit(1718610394.821:995): avc:  denied  { getattr } for  pid=4844 comm="syz-executor.2" name="/" dev="incremental-fs" ino=1938 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  131.981599][ T4846] overlayfs: failed to create directory ./file0/work (errno: 22); mounting read-only
[  132.056974][ T4857] device pim6reg1 entered promiscuous mode
[  132.138829][   T26] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  132.149565][  T612] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  132.257090][ T4865] netlink: 'syz-executor.2': attribute type 5 has an invalid length.
[  132.486045][ T4891] netlink: 'syz-executor.4': attribute type 5 has an invalid length.
[  132.513418][ T4895] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4895 comm=syz-executor.4
[  132.526088][   T26] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  132.526900][ T4895] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'.
[  132.536113][  T612] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  132.536146][  T612] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  132.536174][  T612] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  132.536195][  T612] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.557626][   T26] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  132.594149][   T26] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  132.694785][   T26] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  132.703651][   T26] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  132.711450][   T26] usb 1-1: SerialNumber: syz
[  132.758092][ T4909] overlayfs: failed to create directory ./file0/work (errno: 22); mounting read-only
[  132.908611][  T612] aiptek 2-1:17.0: Aiptek using 400 ms programming speed
[  132.916098][  T612] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input27
[  132.940683][  T612] input: failed to attach handler kbd to device input27, error: -5
[  132.949637][  T612] usb 2-1: USB disconnect, device number 20
[  133.051864][ T4919] loop4: detected capacity change from 0 to 1024
[  133.065283][   T26] usb 1-1: 0:2 : does not exist
[  133.086181][   T26] usb 1-1: unit 5 not found!
[  133.127067][   T26] usb 1-1: USB disconnect, device number 16
[  133.156501][ T4919] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  133.256893][ T4923] netlink: 'syz-executor.2': attribute type 5 has an invalid length.
[  133.412307][ T4911] loop3: detected capacity change from 0 to 131072
[  133.413435][ T4925] loop2: detected capacity change from 0 to 40427
[  133.465276][ T4925] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  133.466327][ T4911] F2FS-fs (loop3): invalid crc value
[  133.472793][ T4925] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  133.479806][ T4911] F2FS-fs (loop3): Found nat_bits in checkpoint
[  133.487349][ T4925] F2FS-fs (loop2): invalid crc value
[  133.498429][ T4925] F2FS-fs (loop2): Found nat_bits in checkpoint
[  133.529281][ T4911] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  133.558040][ T4936] device pim6reg1 entered promiscuous mode
[  133.570274][ T4925] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  133.577298][ T4925] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  133.586583][ T4941] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.1'.
[  135.047777][ T3262] attempt to access beyond end of device
[  135.047777][ T3262] loop2: rw=2049, want=45104, limit=40427
[  135.119607][ T4956] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  135.168150][ T4956] kvm: pic: non byte read
[  135.172969][ T4956] kvm: pic: level sensitive irq not supported
[  135.173052][ T4956] kvm: pic: non byte read
[  135.187740][ T4956] kvm: pic: level sensitive irq not supported
[  135.188052][ T4956] kvm: pic: non byte read
[  135.225339][ T4956] kvm: pic: level sensitive irq not supported
[  135.225391][ T4956] kvm: pic: non byte read
[  135.285053][ T4973] 9pnet: Insufficient options for proto=fd
[  135.306431][ T4978] device pim6reg1 entered promiscuous mode
[  135.399505][   T20] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  135.922994][ T4991] loop2: detected capacity change from 0 to 40427
[  135.977565][ T4991] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  135.985255][ T4991] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  135.994369][ T4991] F2FS-fs (loop2): invalid crc value
[  136.005307][ T4991] F2FS-fs (loop2): Found nat_bits in checkpoint
[  136.074554][ T4991] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  136.077736][ T4997] loop4: detected capacity change from 0 to 512
[  136.087806][ T4991] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  136.126496][   T20] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  136.142869][   T20] usb 2-1: config 17 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  136.154488][ T4971] loop3: detected capacity change from 0 to 131072
[  136.161022][   T20] usb 2-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  136.170008][   T20] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.170645][ T4997] EXT4-fs (loop4): 1 orphan inode deleted
[  136.183607][ T4997] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  136.204319][ T4997] ext4 filesystem being mounted at /root/syzkaller-testdir1626515355/syzkaller.o5JDxt/138/file1 supports timestamps until 2038 (0x7fffffff)
[  136.220139][ T4971] F2FS-fs (loop3): invalid crc value
[  136.226930][ T4971] F2FS-fs (loop3): Found nat_bits in checkpoint
[  136.238500][ T4997] EXT4-fs error (device loop4): ext4_ext_remove_space:2840: inode #16: comm syz-executor.4: path[1].p_hdr == NULL
[  136.261315][ T4997] EXT4-fs (loop4): Remounting filesystem read-only
[  136.266590][ T4971] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  136.268035][ T4997] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  136.431496][ T5007] loop0: detected capacity change from 0 to 256
[  136.438190][ T4997] EXT4-fs error (device loop4): ext4_punch_hole:4132: inode #16: comm syz-executor.4: mark_inode_dirty error
[  136.518496][ T4996] EXT4-fs error (device loop4): ext4_ext_map_blocks:4160: inode #16: comm syz-executor.4: bad extent address lblock: 0, depth: 1 pblock 0
[  136.538181][   T20] aiptek 2-1:17.0: Aiptek using 400 ms programming speed
[  136.545805][   T20] input: Aiptek as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:17.0/input/input29
[  136.554832][   T20] input: failed to attach handler kbd to device input29, error: -5
[  136.559052][ T5007] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  136.563734][   T20] usb 2-1: USB disconnect, device number 21
[  136.583073][ T4996] EXT4-fs error (device loop4): ext4_ext_map_blocks:4160: inode #16: comm syz-executor.4: bad extent address lblock: 0, depth: 1 pblock 0
[  136.598577][ T4996] EXT4-fs error (device loop4): ext4_ext_map_blocks:4160: inode #16: comm syz-executor.4: bad extent address lblock: 0, depth: 1 pblock 0
[  136.612740][ T4996] EXT4-fs error (device loop4): ext4_ext_map_blocks:4160: inode #16: comm syz-executor.4: bad extent address lblock: 0, depth: 1 pblock 0
[  136.626859][ T4996] EXT4-fs error (device loop4): ext4_ext_map_blocks:4160: inode #16: comm syz-executor.4: bad extent address lblock: 0, depth: 1 pblock 0
[  136.645481][ T4996] EXT4-fs error (device loop4): ext4_ext_map_blocks:4160: inode #16: comm syz-executor.4: bad extent address lblock: 0, depth: 1 pblock 0
[  136.660094][ T3262] attempt to access beyond end of device
[  136.660094][ T3262] loop2: rw=2049, want=45104, limit=40427
[  136.664462][ T4996] EXT4-fs error (device loop4): ext4_ext_map_blocks:4160: inode #16: comm syz-executor.4: bad extent address lblock: 0, depth: 1 pblock 0
[  136.749281][ T5009] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  136.759393][ T5009] kvm: pic: non byte read
[  136.763637][ T5009] kvm: pic: level sensitive irq not supported
[  136.763670][ T5009] kvm: pic: non byte read
[  136.773895][ T5009] kvm: pic: level sensitive irq not supported
[  136.773929][ T5009] kvm: pic: non byte read
[  136.787613][ T5009] kvm: pic: level sensitive irq not supported
[  136.787686][ T5009] kvm: pic: non byte read
[  137.018987][ T5020] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.025922][ T5020] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.033127][ T5020] device bridge_slave_0 entered promiscuous mode
[  137.039923][ T5020] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.044843][ T5018] loop0: detected capacity change from 0 to 40427
[  137.046848][ T5020] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.060542][ T5020] device bridge_slave_1 entered promiscuous mode
[  137.079501][ T5018] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  137.087165][ T5018] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  137.108494][ T5018] F2FS-fs (loop0): Found nat_bits in checkpoint
[  137.114354][ T5033] loop1: detected capacity change from 0 to 1024
[  137.132406][ T5033] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (24866!=20869)
[  137.144482][ T5033] EXT4-fs (loop1): invalid journal inode
[  137.164070][ T5018] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  137.166527][ T5020] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.170978][ T5018] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  137.177792][ T5020] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.177893][ T5020] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.198969][ T5020] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.228713][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  137.236320][  T613] bridge0: port 1(bridge_slave_0) entered disabled state
[  137.244024][  T613] bridge0: port 2(bridge_slave_1) entered disabled state
[  137.265911][ T1646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  137.277956][   T30] audit: type=1400 audit(1718610399.797:996): avc:  denied  { module_load } for  pid=5032 comm="syz-executor.1" path="/root/syzkaller-testdir1913144439/syzkaller.7yggjC/170/bus" dev="sda1" ino=1963 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=system permissive=1
[  137.290177][ T1646] bridge0: port 1(bridge_slave_0) entered blocking state
[  137.305491][ T5033] Invalid ELF header type: 0 != 1
[  137.312068][ T1646] bridge0: port 1(bridge_slave_0) entered forwarding state
[  137.324115][   T20] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  137.331674][ T1646] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  137.340323][ T1646] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.347175][ T1646] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.365532][ T1646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  137.373511][ T1646] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  137.982471][ T5020] device veth0_vlan entered promiscuous mode
[  137.989513][    T8] device bridge_slave_1 left promiscuous mode
[  137.995642][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.003336][    T8] device bridge_slave_0 left promiscuous mode
[  138.009397][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.017609][    T8] device veth1_macvtap left promiscuous mode
[  138.032312][    T8] device veth0_vlan left promiscuous mode
[  138.161013][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  138.169364][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  138.177969][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  138.186539][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  138.202141][  T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  138.210128][  T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  138.219951][ T5020] device veth1_macvtap entered promiscuous mode
[  138.273033][   T20] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.282757][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  138.293098][   T20] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  138.297420][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  138.302217][   T20] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.318618][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  138.318683][   T20] usb 4-1: config 0 descriptor??
[  138.339057][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  138.350163][  T613] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  138.358114][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  138.372478][ T5051] netem: change failed
[  138.387689][   T30] audit: type=1400 audit(1718610400.836:997): avc:  denied  { getopt } for  pid=5056 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  138.611327][ T5059] loop1: detected capacity change from 0 to 40427
[  138.664201][ T5059] F2FS-fs (loop1): Found nat_bits in checkpoint
[  138.713835][ T5059] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  138.724229][    T6] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  138.747323][ T2574] attempt to access beyond end of device
[  138.747323][ T2574] loop1: rw=524288, want=45072, limit=40427
[  138.759157][ T2574] attempt to access beyond end of device
[  138.759157][ T2574] loop1: rw=0, want=45072, limit=40427
[  138.777848][  T613] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.785390][    T8] attempt to access beyond end of device
[  138.785390][    T8] loop1: rw=2049, want=41088, limit=40427
[  138.788720][  T613] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.809647][  T613] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  138.819734][  T613] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.832337][  T613] usb 3-1: config 0 descriptor??
[  138.842314][   T20] keytouch 0003:0926:3333.001B: fixing up Keytouch IEC report descriptor
[  138.851420][   T20] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.001B/input/input31
[  138.939987][   T20] keytouch 0003:0926:3333.001B: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  139.073518][ T5022] UDC core: couldn't find an available UDC or it's busy: -16
[  139.082687][ T5022] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  139.108815][ T5069] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.115689][ T5069] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.122961][ T5069] device bridge_slave_0 entered promiscuous mode
[  139.129696][ T5069] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.137389][ T5069] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.144669][ T5069] device bridge_slave_1 entered promiscuous mode
[  139.151682][   T30] audit: type=1400 audit(1718610401.546:998): avc:  denied  { relabelfrom } for  pid=5075 comm="syz-executor.0" name="" dev="pipefs" ino=36851 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  139.151996][    T6] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  139.184275][    T6] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  139.192922][    T6] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  139.268544][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  139.275953][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  139.284821][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  139.293458][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  139.301409][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.308285][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.315955][  T613] hid (null): bogus close delimiter
[  139.321099][    T6] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  139.331102][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  139.340070][    T6] usb 5-1: SerialNumber: syz
[  139.348890][ T5085] netem: change failed
[  139.355062][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  139.362934][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  139.371110][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  139.379304][ T3814] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.386133][ T3814] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.394063][    T8] device bridge_slave_1 left promiscuous mode
[  139.400316][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.406319][ T5089] loop0: detected capacity change from 0 to 1024
[  139.413589][    T8] device bridge_slave_0 left promiscuous mode
[  139.419534][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.427045][    T8] device veth1_macvtap left promiscuous mode
[  139.432897][    T8] device veth0_vlan left promiscuous mode
[  139.441486][ T5089] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (24866!=20869)
[  139.452001][ T5089] EXT4-fs (loop0): invalid journal inode
[  139.487891][ T5089] Invalid ELF header type: 0 != 1
[  139.514300][ T5092] loop0: detected capacity change from 0 to 256
[  139.531903][ T3814] usb 4-1: USB disconnect, device number 15
[  139.538138][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  139.546148][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  139.554015][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  139.558624][ T5092] exfat: Bad value for 'uid'
[  139.562011][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  139.579860][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  139.588061][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  139.601843][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  139.609776][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  139.617521][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  139.625735][ T5069] device veth0_vlan entered promiscuous mode
[  139.638309][  T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  139.647641][ T5069] device veth1_macvtap entered promiscuous mode
[  139.654783][  T613] usb 3-1: string descriptor 0 read error: -71
[  139.657829][  T612] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  139.668904][  T612] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  139.678192][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  139.686211][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  139.694214][  T613] uclogic 0003:256C:006D.001C: failed retrieving string descriptor #200: -71
[  139.703355][    T6] usb 5-1: 0:2 : does not exist
[  139.708346][    T6] usb 5-1: unit 5 not found!
[  139.713223][  T613] uclogic 0003:256C:006D.001C: failed retrieving pen parameters: -71
[  139.722065][    T6] usb 5-1: USB disconnect, device number 18
[  139.727794][  T613] uclogic 0003:256C:006D.001C: failed probing pen v2 parameters: -71
[  139.735942][  T613] uclogic 0003:256C:006D.001C: failed probing parameters: -71
[  139.744016][  T613] uclogic: probe of 0003:256C:006D.001C failed with error -71
[  139.752974][  T613] usb 3-1: USB disconnect, device number 17
[  139.928154][ T5107] loop0: detected capacity change from 0 to 40427
[  139.976320][ T5107] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  139.985119][ T5107] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  139.996794][ T5107] F2FS-fs (loop0): Found nat_bits in checkpoint
[  140.036280][ T5107] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  140.043221][ T5107] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  140.150692][   T30] audit: type=1400 audit(1718610402.491:999): avc:  denied  { ioctl } for  pid=5118 comm="syz-executor.2" path="/root/syzkaller-testdir3576811532/syzkaller.UQcaHn/137/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x940f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  140.358342][ T5122] loop2: detected capacity change from 0 to 512
[  140.458289][ T5122] EXT4-fs (loop2): 1 orphan inode deleted
[  140.463901][ T5122] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  140.484581][ T5122] ext4 filesystem being mounted at /root/syzkaller-testdir3576811532/syzkaller.UQcaHn/138/file1 supports timestamps until 2038 (0x7fffffff)
[  140.843356][ T5122] EXT4-fs error (device loop2): ext4_ext_remove_space:2840: inode #18: comm syz-executor.2: path[1].p_hdr == NULL
[  140.857645][ T5122] EXT4-fs (loop2): Remounting filesystem read-only
[  140.885342][ T5122] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5820: Corrupt filesystem
[  140.900915][ T5122] EXT4-fs error (device loop2): ext4_punch_hole:4132: inode #18: comm syz-executor.2: mark_inode_dirty error
[  140.921047][ T5121] EXT4-fs error (device loop2): ext4_ext_map_blocks:4160: inode #18: comm syz-executor.2: bad extent address lblock: 0, depth: 1 pblock 0
[  140.949788][ T5121] EXT4-fs error (device loop2): ext4_ext_map_blocks:4160: inode #18: comm syz-executor.2: bad extent address lblock: 0, depth: 1 pblock 0
[  140.964672][ T5121] EXT4-fs error (device loop2): ext4_ext_map_blocks:4160: inode #18: comm syz-executor.2: bad extent address lblock: 0, depth: 1 pblock 0
[  140.984442][ T5141] netlink: 'syz-executor.0': attribute type 11 has an invalid length.
[  140.994393][ T5121] EXT4-fs error (device loop2): ext4_ext_map_blocks:4160: inode #18: comm syz-executor.2: bad extent address lblock: 0, depth: 1 pblock 0
[  141.008593][ T5121] EXT4-fs error (device loop2): ext4_ext_map_blocks:4160: inode #18: comm syz-executor.2: bad extent address lblock: 0, depth: 1 pblock 0
[  141.028292][ T5121] EXT4-fs error (device loop2): ext4_ext_map_blocks:4160: inode #18: comm syz-executor.2: bad extent address lblock: 0, depth: 1 pblock 0
[  141.044360][ T5121] EXT4-fs error (device loop2): ext4_ext_map_blocks:4160: inode #18: comm syz-executor.2: bad extent address lblock: 0, depth: 1 pblock 0
[  141.240153][ T5156] loop0: detected capacity change from 0 to 40427
[  141.280140][ T5156] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  141.287789][ T5156] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  141.300603][ T5169] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.308070][ T5169] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.328890][ T5156] F2FS-fs (loop0): Found nat_bits in checkpoint
[  141.329624][ T5169] device bridge_slave_0 entered promiscuous mode
[  141.342012][ T5169] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.349037][ T5169] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.357494][ T5169] device bridge_slave_1 entered promiscuous mode
[  141.366477][    T6] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  141.394755][ T5156] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  141.407762][ T5156] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  141.425728][ T5190] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5190 comm=syz-executor.3
[  141.480072][ T5169] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.487066][ T5169] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.494159][ T5169] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.501006][ T5169] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.530900][   T20] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.538245][   T20] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.560236][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  141.567497][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  141.574884][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  141.809887][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  141.818259][ T3814] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.825131][ T3814] bridge0: port 1(bridge_slave_0) entered forwarding state
[  141.832708][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  141.841362][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  141.849382][ T3814] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.856214][ T3814] bridge0: port 2(bridge_slave_1) entered forwarding state
[  141.874319][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  141.882414][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  141.890230][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  141.898098][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  141.912302][ T5169] device veth0_vlan entered promiscuous mode
[  141.919475][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  141.927839][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  141.936188][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  141.944006][ T3814] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  141.959963][ T5169] device veth1_macvtap entered promiscuous mode
[  141.968671][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  141.976407][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  141.983703][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  141.991661][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.002627][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  142.010357][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.021468][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  142.028900][    T6] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  142.056657][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.065171][    T6] usb 5-1: config 0 descriptor??
[  142.074538][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  142.082925][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  142.092761][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  142.102003][  T613] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  142.145731][ T5210] netlink: 'syz-executor.2': attribute type 11 has an invalid length.
[  142.188896][  T380] device bridge_slave_1 left promiscuous mode
[  142.194889][  T380] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.202329][  T380] device bridge_slave_0 left promiscuous mode
[  142.208333][  T380] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.216032][  T380] device veth1_macvtap left promiscuous mode
[  142.221897][  T380] device veth0_vlan left promiscuous mode
[  142.337756][   T26] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  142.573234][    T6] hid (null): bogus close delimiter
[  142.594251][   T26] usb 2-1: Using ep0 maxpacket: 8
[  142.723031][   T26] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  142.736459][   T26] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.754017][   T26] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  142.769306][   T26] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  142.782831][   T26] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  142.872248][   T26] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  142.888739][   T26] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  142.897077][ T5240] netlink: 'syz-executor.3': attribute type 11 has an invalid length.
[  142.915911][   T26] usb 2-1: SerialNumber: syz
[  142.927246][ T5246] bridge0: port 3(syz_tun) entered blocking state
[  142.933648][ T5246] bridge0: port 3(syz_tun) entered disabled state
[  142.940315][ T5246] device syz_tun entered promiscuous mode
[  142.945985][ T5246] bridge0: port 3(syz_tun) entered blocking state
[  142.952223][ T5246] bridge0: port 3(syz_tun) entered forwarding state
[  142.952234][    T6] usb 5-1: string descriptor 0 read error: -71
[  142.959203][   T26] cdc_ether: probe of 2-1:1.0 failed with error -22
[  142.970814][ T5246] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  142.971961][   T26] usb-storage 2-1:1.0: USB Mass Storage device detected
[  142.983841][    T6] uclogic 0003:256C:006D.001D: failed retrieving string descriptor #200: -71
[  142.997638][    T6] uclogic 0003:256C:006D.001D: failed retrieving pen parameters: -71
[  142.997847][   T30] audit: type=1326 audit(1718610405.148:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5249 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605fdbbea9 code=0x7ffc0000
[  143.005561][    T6] uclogic 0003:256C:006D.001D: failed probing pen v2 parameters: -71
[  143.054300][   T30] audit: type=1326 audit(1718610405.185:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5249 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f605fdbbea9 code=0x7ffc0000
[  143.057306][    T6] uclogic 0003:256C:006D.001D: failed probing parameters: -71
[  143.081462][ T5255] loop2: detected capacity change from 0 to 256
[  143.085427][    T6] uclogic: probe of 0003:256C:006D.001D failed with error -71
[  143.091654][   T30] audit: type=1326 audit(1718610405.185:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5249 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605fdbbea9 code=0x7ffc0000
[  143.099868][    T6] usb 5-1: USB disconnect, device number 19
[  143.122727][   T26] usb-storage 2-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  143.130290][   T30] audit: type=1326 audit(1718610405.185:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5249 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f605fdbbea9 code=0x7ffc0000
[  143.159741][   T30] audit: type=1326 audit(1718610405.185:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5249 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605fdbbea9 code=0x7ffc0000
[  143.159820][   T30] audit: type=1326 audit(1718610405.185:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5249 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f605fdbbea9 code=0x7ffc0000
[  143.159898][   T30] audit: type=1326 audit(1718610405.185:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5249 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605fdbbea9 code=0x7ffc0000
[  143.159971][   T30] audit: type=1326 audit(1718610405.195:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5249 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f605fdbbea9 code=0x7ffc0000
[  143.160036][   T30] audit: type=1326 audit(1718610405.195:1008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5249 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f605fdbbea9 code=0x7ffc0000
[  143.160092][   T30] audit: type=1326 audit(1718610405.195:1009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5249 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f605fdbbea9 code=0x7ffc0000
[  143.191316][ T5255] exfat: Deprecated parameter 'utf8'
[  143.192114][ T5255] exfat: Deprecated parameter 'utf8'
[  143.209174][ T5255] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  143.413028][   T26] usb 2-1: USB disconnect, device number 22
[  143.573995][ T5264] device pim6reg1 entered promiscuous mode
[  143.727889][ T5270] netlink: 'syz-executor.4': attribute type 11 has an invalid length.
[  143.787525][ T5281] bridge0: port 3(syz_tun) entered blocking state
[  143.797651][ T5281] bridge0: port 3(syz_tun) entered disabled state
[  143.804840][ T5281] device syz_tun entered promiscuous mode
[  143.812675][ T5286] syz-executor.0[5286] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.812737][ T5286] syz-executor.0[5286] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.842472][ T5288] loop0: detected capacity change from 0 to 2048
[  143.862566][ T5281] bridge0: port 3(syz_tun) entered blocking state
[  143.868823][ T5281] bridge0: port 3(syz_tun) entered forwarding state
[  143.876713][ T5281] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  143.902463][ T5291] loop1: detected capacity change from 0 to 1024
[  143.921919][ T5291] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  143.932724][ T5291] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,data_err=abort,nogrpid,nogrpid,nomblk_io_submit,,errors=continue. Quota mode: none.
[  144.226716][ T5296] loop3: detected capacity change from 0 to 512
[  144.263158][ T5296] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  144.270481][ T5302] loop1: detected capacity change from 0 to 256
[  144.278908][ T5296] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #15: comm syz-executor.3: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  144.297152][ T5296] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz-executor.3: couldn't read orphan inode 15 (err -117)
[  144.309568][ T5296] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  144.319985][ T5296] ext2 filesystem being mounted at /root/syzkaller-testdir1347495543/syzkaller.JUL61d/41/file0 supports timestamps until 2038 (0x7fffffff)
[  144.339846][ T5296] overlayfs: upper fs needs to support d_type.
[  144.349410][ T5296] overlayfs: upper fs needs to support d_type.
[  144.507871][    T6] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  144.518633][ T1646] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  144.732425][ T3814] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  144.807248][ T1646] usb 3-1: Using ep0 maxpacket: 8
[  144.924874][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.935701][    T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.945519][    T6] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  145.220789][ T5351] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5351 comm=syz-executor.4
[  145.233885][ T5351] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5351 comm=syz-executor.4
[  145.246313][ T1646] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  145.259306][    T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.267267][ T1646] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.278308][ T1646] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  145.288504][    T6] usb 1-1: config 0 descriptor??
[  145.288612][ T1646] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  145.302863][ T1646] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  145.385079][ T1646] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  145.393927][ T1646] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  145.401738][ T1646] usb 3-1: SerialNumber: syz
[  145.427370][ T3814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.438288][ T3814] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  145.647554][ T1646] cdc_ether: probe of 3-1:1.0 failed with error -22
[  145.654102][ T3814] usb 2-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  145.663130][ T1646] usb-storage 3-1:1.0: USB Mass Storage device detected
[  145.670144][ T3814] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.678468][ T1646] usb-storage 3-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  145.686560][ T3814] usb 2-1: config 0 descriptor??
[  145.727872][ T1646] usb 3-1: USB disconnect, device number 18
[  145.780547][ T5363] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5363 comm=syz-executor.3
[  145.793446][    T6] hid (null): bogus close delimiter
[  146.175645][    T6] usb 1-1: string descriptor 0 read error: -71
[  146.197968][ T3814] lg-g15 0003:046D:C222.001F: item fetching failed at offset 10/11
[  146.205737][    T6] uclogic 0003:256C:006D.001E: failed retrieving string descriptor #200: -71
[  146.214404][ T3814] lg-g15: probe of 0003:046D:C222.001F failed with error -22
[  146.233944][    T6] uclogic 0003:256C:006D.001E: failed retrieving pen parameters: -71
[  146.242612][    T6] uclogic 0003:256C:006D.001E: failed probing pen v2 parameters: -71
[  146.250535][    T6] uclogic 0003:256C:006D.001E: failed probing parameters: -71
[  146.257807][    T6] uclogic: probe of 0003:256C:006D.001E failed with error -71
[  146.265916][    T6] usb 1-1: USB disconnect, device number 17
[  146.284540][ T5369] syz-executor.2[5369] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.284603][ T5369] syz-executor.2[5369] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.298423][ T5369] syz-executor.2[5369] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.307626][ T5373] bridge0: port 3(syz_tun) entered blocking state
[  146.310413][ T5369] syz-executor.2[5369] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.322801][ T5373] bridge0: port 3(syz_tun) entered disabled state
[  146.349029][ T5373] device syz_tun entered promiscuous mode
[  146.354657][ T5373] bridge0: port 3(syz_tun) entered blocking state
[  146.360841][ T5373] bridge0: port 3(syz_tun) entered forwarding state
[  146.368201][ T5374] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  146.414207][   T26] usb 2-1: USB disconnect, device number 23
[  146.427530][ T5380] loop2: detected capacity change from 0 to 2048
[  146.431192][ T5382] loop4: detected capacity change from 0 to 256
[  146.906090][ T5397] loop0: detected capacity change from 0 to 1024
[  146.946242][ T5397] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  146.957766][ T5397] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,data_err=abort,nogrpid,nogrpid,nomblk_io_submit,,errors=continue. Quota mode: none.
[  147.235975][ T5406] syz-executor.0[5406] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.236784][ T5406] syz-executor.0[5406] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.249986][ T5406] syz-executor.0[5406] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.261755][ T5406] syz-executor.0[5406] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.288935][ T5412] loop0: detected capacity change from 0 to 256
[  147.362126][ T5425] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=5425 comm=syz-executor.0
[  147.375299][ T5425] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5425 comm=syz-executor.0
[  147.627036][ T5439] loop0: detected capacity change from 0 to 1024
[  147.839411][ T5439] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  147.872990][ T5447] loop3: detected capacity change from 0 to 256
[  147.879468][ T5423] loop1: detected capacity change from 0 to 40427
[  147.888708][ T5449] loop2: detected capacity change from 0 to 512
[  147.897780][ T5423] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  147.905325][ T5423] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  147.916513][ T5423] F2FS-fs (loop1): Found nat_bits in checkpoint
[  147.929599][ T5449] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  147.940477][ T5449] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a842c09c, mo2=0000]
[  147.948103][ T5449] System zones: 0-2, 18-18, 34-34
[  147.954499][ T5449] EXT4-fs (loop2): 1 orphan inode deleted
[  147.954975][ T5423] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  147.961615][ T5449] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,stripe=0x000000000000000a,nolazytime,noquota,jqfmt=vfsold,minixdf,init_itable=0x0000000000000002,grpid,debug,,errors=continue. Quota mode: writeback.
[  147.972963][ T5423] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  147.996417][ T5449] ext4 filesystem being mounted at /root/syzkaller-testdir162369201/syzkaller.NvRyT8/29/file1 supports timestamps until 2038 (0x7fffffff)
[  147.998864][ T5423] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  148.049699][ T5069] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  148.049737][ T5069] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  148.057263][ T5069] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  148.064629][ T5069] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  148.072375][ T5069] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  148.079759][ T5069] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  148.087377][ T5069] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  148.480097][    T6] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  148.516761][ T5463] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  148.572872][   T30] kauditd_printk_skb: 24 callbacks suppressed
[  148.572886][   T30] audit: type=1400 audit(1718610410.367:1034): avc:  denied  { map } for  pid=5473 comm="syz-executor.1" path="socket:[38966]" dev="sockfs" ino=38966 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  148.880159][    T6] usb 4-1: Using ep0 maxpacket: 16
[  149.150686][ T5491] loop4: detected capacity change from 0 to 40427
[  149.180288][ T5491] F2FS-fs (loop4): Fix alignment : internally, start(4096) end(16896) block(12288)
[  149.190081][ T5491] F2FS-fs (loop4): invalid crc value
[  149.195530][ T5491] F2FS-fs (loop4): invalid crc value
[  149.200813][ T5491] F2FS-fs (loop4): Failed to get valid F2FS checkpoint
[  149.316268][ T5496] loop2: detected capacity change from 0 to 1024
[  149.389631][ T5496] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  149.482831][ T5491] input: syz0 as /devices/virtual/input/input32
[  149.490982][ T5491] overlayfs: unrecognized mount option "
[  149.490982][ T5491] B: KEY=10000000000000 0
[  149.490982][ T5491] 
[  149.490982][ T5491] I: Bus=0019 Vendor=0000 Product=0003 Version=0000
[  149.490982][ T5491] N: Name="Sleep Button"
[  149.490982][ T5491] P: Phys=LNXSLPBN/button/input0
[  149.490982][ T5491] S: Sysfs=/devices/LNXSYSTM:00/LNXSLPBN:00/input/input1
[  149.490982][ T5491] U: Uniq=
[  149.490982][ T5491] H: Handlers=kbd event1 
[  149.490982][ T5491] B: PROP=0
[  149.490982][ T5491] B: EV=3
[  149.490982][ T5491] B: KEY=4000 0 0
[  149.490982][ T5491] 
[  149.490982][ T5491] I: Bus=0011 Vendor=0001 Product=0001 Version=abba
[  149.490982][ T5491] N: Name="AT Translated Set 2 keyboard"
[  149.490982][ T5491] P: Phys=isa0060/serio0/input0
[  149.490982][ T5491] S: Sysfs=/devices/platform/i8042/serio0/input/input2
[  149.490982][ T5491] U: Uniq=
[  149.490982][ T5491] H: Handlers=kbd leds event2 
[  149.490982][ T5491] B: PROP=0
[  149.490982][ T5491] B: EV=120013
[  149.636200][ T5509] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  149.642825][   T30] audit: type=1400 audit(1718610411.368:1035): avc:  denied  { nlmsg_read } for  pid=5508 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  149.676659][ T5514] bpf_get_probe_write_proto: 6 callbacks suppressed
[  149.676702][ T5514] syz-executor.4[5514] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.683249][    T6] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  149.704704][ T5514] syz-executor.4[5514] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  149.704827][    T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  149.724183][    T6] usb 4-1: Product: syz
[  149.759965][    T6] usb 4-1: Manufacturer: syz
[  149.764413][    T6] usb 4-1: SerialNumber: syz
[  149.769445][    T6] r8152-cfgselector 4-1: config 0 descriptor??
[  149.958973][ T5525] loop1: detected capacity change from 0 to 40427
[  150.026348][ T5525] F2FS-fs (loop1): Fix alignment : internally, start(4096) end(16896) block(12288)
[  150.035806][    T6] r8152-cfgselector 4-1: Unknown version 0x0000
[  150.042631][ T5525] F2FS-fs (loop1): invalid crc value
[  150.048057][ T5525] F2FS-fs (loop1): invalid crc value
[  150.053344][ T5525] F2FS-fs (loop1): Failed to get valid F2FS checkpoint
[  150.175200][ T5169] bridge0: port 3(syz_tun) entered disabled state
[  150.190179][ T5169] device syz_tun left promiscuous mode
[  150.206111][ T5169] bridge0: port 3(syz_tun) entered disabled state
[  150.215404][ T5532] loop4: detected capacity change from 0 to 40427
[  150.219566][ T5525] input: syz0 as /devices/virtual/input/input33
[  150.231564][ T5525] overlayfs: unrecognized mount option "
[  150.231564][ T5525] B: KEY=10000000000000 0
[  150.231564][ T5525] 
[  150.231564][ T5525] I: Bus=0019 Vendor=0000 Product=0003 Version=0000
[  150.231564][ T5525] N: Name="Sleep Button"
[  150.231564][ T5525] P: Phys=LNXSLPBN/button/input0
[  150.231564][ T5525] S: Sysfs=/devices/LNXSYSTM:00/LNXSLPBN:00/input/input1
[  150.231564][ T5525] U: Uniq=
[  150.231564][ T5525] H: Handlers=kbd event1 
[  150.231564][ T5525] B: PROP=0
[  150.231564][ T5525] B: EV=3
[  150.231564][ T5525] B: KEY=4000 0 0
[  150.231564][ T5525] 
[  150.231564][ T5525] I: Bus=0011 Vendor=0001 Product=0001 Version=abba
[  150.231564][ T5525] N: Name="AT Translated Set 2 keyboard"
[  150.231564][ T5525] P: Phys=isa0060/serio0/input0
[  150.231564][ T5525] S: Sysfs=/devices/platform/i8042/serio0/input/input2
[  150.231564][ T5525] U: Uniq=
[  150.231564][ T5525] H: Handlers=kbd leds event2 
[  150.231564][ T5525] B: PROP=0
[  150.231564][ T5525] B: EV=120013
[  150.334297][    T6] r8152-cfgselector 4-1: Unknown version 0x0000
[  150.340551][    T6] r8152-cfgselector 4-1: bad CDC descriptors
[  150.347368][ T5532] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  150.354957][ T5532] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  150.365230][ T5541] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.372278][    T6] r8152-cfgselector 4-1: Unknown version 0x0000
[  150.372742][ T5541] bridge0: port 1(bridge_slave_0) entered disabled state
[  150.385746][ T5541] device bridge_slave_0 entered promiscuous mode
[  150.385837][    T6] r8152-cfgselector 4-1: USB disconnect, device number 16
[  150.392777][ T5541] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.405746][ T5541] bridge0: port 2(bridge_slave_1) entered disabled state
[  150.412984][ T5541] device bridge_slave_1 entered promiscuous mode
[  150.422646][ T5532] F2FS-fs (loop4): Found nat_bits in checkpoint
[  150.472548][ T5532] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  150.513706][ T5541] bridge0: port 2(bridge_slave_1) entered blocking state
[  150.520565][ T5541] bridge0: port 2(bridge_slave_1) entered forwarding state
[  150.527699][ T5541] bridge0: port 1(bridge_slave_0) entered blocking state
[  150.534535][ T5541] bridge0: port 1(bridge_slave_0) entered forwarding state
[  150.561502][ T5532] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  150.564797][   T30] audit: type=1400 audit(1718610412.229:1036): avc:  denied  { ioctl } for  pid=5554 comm="syz-executor.0" path="socket:[40127]" dev="sockfs" ino=40127 ioctlcmd=0x8b30 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  150.568464][ T5532] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  150.612471][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  150.621240][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  150.633363][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  150.689274][ T5555] loop0: detected capacity change from 0 to 2048
[  150.716323][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  150.753730][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  150.793328][ T5020] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  150.793361][ T5020] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  150.841151][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  150.845365][ T5020] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  150.855868][ T5541] device veth0_vlan entered promiscuous mode
[  150.880645][ T5555] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  150.880932][ T5541] device veth1_macvtap entered promiscuous mode
[  150.900773][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  150.919789][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  150.959647][   T30] audit: type=1400 audit(1718610412.594:1037): avc:  denied  { read } for  pid=5554 comm="syz-executor.0" name="file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  150.988880][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  150.996228][   T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  151.011754][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  151.024228][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  151.045343][ T5566] syz-executor.2[5566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  151.045399][ T5566] syz-executor.2[5566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  151.158023][ T5567] loop3: detected capacity change from 0 to 1024
[  151.235104][ T5567] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  151.436513][    T8] device bridge_slave_1 left promiscuous mode
[  151.450611][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  151.458378][ T5585] loop1: detected capacity change from 0 to 512
[  151.478442][    T8] device bridge_slave_0 left promiscuous mode
[  151.500741][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  151.509056][    T8] device veth1_macvtap left promiscuous mode
[  151.516072][    T8] device veth0_vlan left promiscuous mode
[  151.523555][ T5585] EXT4-fs warning (device loop1): ext4_multi_mount_protect:326: fsck is running on the filesystem
[  151.540015][ T5590] loop4: detected capacity change from 0 to 256
[  151.548477][ T5585] EXT4-fs warning (device loop1): ext4_multi_mount_protect:326: MMP failure info: last update time: 1669132786, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4
[  151.742162][ T5589] loop0: detected capacity change from 0 to 40427
[  151.763072][ T5604] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  151.789485][ T5589] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  151.820238][ T5589] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  151.876331][ T5589] F2FS-fs (loop0): Found nat_bits in checkpoint
[  151.969311][ T5589] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  151.980929][ T5632] loop3: detected capacity change from 0 to 256
[  151.990353][ T5589] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  151.997457][ T5589] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  152.026061][ T5632] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x421408f7, utbl_chksum : 0xe619d30d)
[  152.047627][ T5632] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  152.070963][   T30] audit: type=1400 audit(1718610413.641:1038): avc:  denied  { remove_name } for  pid=5631 comm="syz-executor.3" name="file1" dev="loop3" ino=1048673 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  152.114657][   T30] audit: type=1400 audit(1718610413.660:1039): avc:  denied  { unlink } for  pid=5631 comm="syz-executor.3" name="file1" dev="loop3" ino=1048673 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  152.360308][ T5651] loop1: detected capacity change from 0 to 1024
[  152.451026][ T5651] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  152.503984][   T20] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  152.529031][ T5656] No source specified
[  152.596698][ T5645] loop3: detected capacity change from 0 to 40427
[  152.677032][ T5645] F2FS-fs (loop3): invalid crc value
[  152.683158][ T5645] F2FS-fs (loop3): Found nat_bits in checkpoint
[  152.711859][ T5645] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  152.990740][   T20] usb 3-1: Using ep0 maxpacket: 16
[  153.073195][ T5676] attempt to access beyond end of device
[  153.073195][ T5676] loop3: rw=10241, want=45104, limit=40427
[  153.091892][ T5676] attempt to access beyond end of device
[  153.091892][ T5676] loop3: rw=2049, want=45112, limit=40427
[  153.304787][ T4793] attempt to access beyond end of device
[  153.304787][ T4793] loop3: rw=2049, want=45120, limit=40427
[  153.370796][   T20] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  153.381178][   T20] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  153.389897][   T20] usb 3-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  153.424769][ T5680] loop1: detected capacity change from 0 to 40427
[  153.467412][ T5680] F2FS-fs (loop1): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  153.474973][ T5680] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  153.484119][ T5680] F2FS-fs (loop1): invalid crc value
[  153.490835][ T5680] F2FS-fs (loop1): Found nat_bits in checkpoint
[  153.505475][ T5682] loop3: detected capacity change from 0 to 2048
[  153.541097][ T5680] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  153.548300][ T5680] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  153.599132][ T5682] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  153.627029][   T20] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  153.659001][   T20] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.666899][   T20] usb 3-1: Product: syz
[  153.671832][   T20] usb 3-1: Manufacturer: syz
[  153.676257][   T20] usb 3-1: SerialNumber: syz
[  154.033221][    T6] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  154.044079][   T20] usb 3-1: 0:2 : does not exist
[  154.050201][   T20] usb 3-1: USB disconnect, device number 19
[  154.442188][ T5069] attempt to access beyond end of device
[  154.442188][ T5069] loop1: rw=2049, want=45104, limit=40427
[  154.471496][    T6] usb 5-1: Using ep0 maxpacket: 16
[  154.621249][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.632101][    T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.641607][    T6] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  154.655601][    T6] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  154.664554][    T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.673241][    T6] usb 5-1: config 0 descriptor??
[  155.104820][ T5729] loop3: detected capacity change from 0 to 65536
[  155.128693][ T5733] loop0: detected capacity change from 0 to 2048
[  155.136533][ T5729] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  155.178101][    T6] koneplus 0003:1E7D:2E22.0020: unknown main item tag 0x0
[  155.185983][    T6] koneplus 0003:1E7D:2E22.0020: hidraw0: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.4-1/input0
[  155.198585][ T5733] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  155.409112][ T5737] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  155.417709][ T5737] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  155.425705][ T5737] overlayfs: missing 'lowerdir'
[  155.458554][   T30] audit: type=1400 audit(1718610416.756:1040): avc:  denied  { mounton } for  pid=5728 comm="syz-executor.3" path="/root/syzkaller-testdir1347495543/syzkaller.JUL61d/67/file0/bus" dev="loop3" ino=1048676 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=dir permissive=1
[  155.490681][ T5740] No source specified
[  155.508580][    T6] koneplus 0003:1E7D:2E22.0020: couldn't init struct koneplus_device
[  155.516453][    T6] koneplus 0003:1E7D:2E22.0020: couldn't install mouse
[  155.565813][ T5748] device pim6reg1 entered promiscuous mode
[  155.579945][    T6] koneplus: probe of 0003:1E7D:2E22.0020 failed with error -71
[  155.588326][    T6] usb 5-1: USB disconnect, device number 20
[  155.659191][ T5756] device sit0 entered promiscuous mode
[  155.689558][ T5763] loop0: detected capacity change from 0 to 256
[  155.755544][ T5763] exfat: Deprecated parameter 'utf8'
[  155.760878][ T5763] exfat: Deprecated parameter 'utf8'
[  155.774388][ T5763] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  156.091084][ T5784] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  156.116838][   T30] audit: type=1400 audit(1718610417.420:1041): avc:  denied  { mounton } for  pid=5773 comm="syz-executor.0" path="/root/syzkaller-testdir2454658730/syzkaller.9DyK2x/276/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  156.305779][ T5793] loop4: detected capacity change from 0 to 65536
[  156.367809][ T5793] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  156.470662][    T6] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  157.182461][ T5799] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  157.191029][ T5799] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  157.199114][ T5799] overlayfs: missing 'lowerdir'
[  157.572708][ T5816] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  157.721444][  T314] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  157.828849][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  157.861168][    T6] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  157.905843][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.947954][    T6] usb 4-1: config 0 descriptor??
[  158.046914][ T5823] loop0: detected capacity change from 0 to 40427
[  158.097621][ T5823] F2FS-fs (loop0): invalid crc value
[  158.103803][ T5823] F2FS-fs (loop0): Found nat_bits in checkpoint
[  158.133168][ T5823] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  158.245298][  T314] usb 3-1: Using ep0 maxpacket: 16
[  158.311815][ T5839] attempt to access beyond end of device
[  158.311815][ T5839] loop0: rw=10241, want=45104, limit=40427
[  158.327947][ T5839] attempt to access beyond end of device
[  158.327947][ T5839] loop0: rw=2049, want=45112, limit=40427
[  158.416570][  T314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  158.427662][  T314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  158.437490][  T314] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  158.450313][  T314] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  158.468683][  T314] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.477276][  T314] usb 3-1: config 0 descriptor??
[  158.491782][    T6] keytouch 0003:0926:3333.0021: fixing up Keytouch IEC report descriptor
[  158.501087][    T6] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0021/input/input35
[  158.563702][ T2689] attempt to access beyond end of device
[  158.563702][ T2689] loop0: rw=2049, want=45120, limit=40427
[  158.596155][    T6] keytouch 0003:0926:3333.0021: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  158.705603][ T5783] UDC core: couldn't find an available UDC or it's busy: -16
[  158.712800][ T5783] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  158.810586][ T5841] loop4: detected capacity change from 0 to 65536
[  158.857331][ T5841] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'.
[  158.997007][  T314] koneplus 0003:1E7D:2E22.0022: unknown main item tag 0x0
[  159.061014][ T5855] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  159.069584][ T5855] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  159.077599][ T5855] overlayfs: missing 'lowerdir'
[  159.112150][  T314] koneplus 0003:1E7D:2E22.0022: hidraw1: USB HID v0.00 Device [HID 1e7d:2e22] on usb-dummy_hcd.2-1/input0
[  159.199664][ T3012] usb 4-1: USB disconnect, device number 17
[  159.228906][  T314] koneplus 0003:1E7D:2E22.0022: couldn't init struct koneplus_device
[  159.236849][  T314] koneplus 0003:1E7D:2E22.0022: couldn't install mouse
[  159.243827][  T314] koneplus: probe of 0003:1E7D:2E22.0022 failed with error -71
[  159.251900][  T314] usb 3-1: USB disconnect, device number 20
[  159.657607][   T30] audit: type=1326 audit(1718610420.741:1042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5865 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  159.681756][   T30] audit: type=1326 audit(1718610420.741:1043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5865 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  159.705652][   T30] audit: type=1326 audit(1718610420.741:1044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5865 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  159.730031][   T30] audit: type=1326 audit(1718610420.741:1045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5865 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  159.769536][   T30] audit: type=1326 audit(1718610420.741:1046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5865 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  160.009107][ T5880] incfs: Error accessing: ./file0.
[  160.077379][ T5880] incfs: mount failed -20
[  160.159146][ T5870] loop0: detected capacity change from 0 to 40427
[  160.173565][ T5870] F2FS-fs (loop0): invalid crc value
[  160.180527][ T5870] F2FS-fs (loop0): Found nat_bits in checkpoint
[  160.209712][ T5870] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  160.324694][ T5909] incfs: Error accessing: ./file0.
[  160.329707][ T5909] incfs: mount failed -20
[  160.395103][ T5911] attempt to access beyond end of device
[  160.395103][ T5911] loop0: rw=10241, want=45104, limit=40427
[  160.412635][ T5911] attempt to access beyond end of device
[  160.412635][ T5911] loop0: rw=2049, want=45112, limit=40427
[  160.458292][  T612] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  160.641462][ T2689] attempt to access beyond end of device
[  160.641462][ T2689] loop0: rw=2049, want=45120, limit=40427
[  160.843165][  T612] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.854168][  T612] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  160.863019][  T612] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.871449][  T612] usb 2-1: config 0 descriptor??
[  161.024761][ T5944] loop0: detected capacity change from 0 to 40427
[  161.035538][   T20] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  161.058961][ T5944] F2FS-fs (loop0): invalid crc value
[  161.065395][ T5944] F2FS-fs (loop0): Found nat_bits in checkpoint
[  161.099245][ T5944] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  161.150670][ T5957] loop2: detected capacity change from 0 to 1024
[  161.175786][ T5957] EXT4-fs (loop2): Test dummy encryption mode enabled
[  161.182504][ T5957] EXT4-fs (loop2): Test dummy encryption mode enabled
[  161.189149][ T5957] EXT4-fs (loop2): Ignoring removed orlov option
[  161.198309][ T5957] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,dioread_lock,test_dummy_encryption,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  161.226854][ T5957] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  161.286275][ T5963] attempt to access beyond end of device
[  161.286275][ T5963] loop0: rw=10241, want=45104, limit=40427
[  161.304230][ T5963] attempt to access beyond end of device
[  161.304230][ T5963] loop0: rw=2049, want=45112, limit=40427
[  161.499940][  T612] keytouch 0003:0926:3333.0023: fixing up Keytouch IEC report descriptor
[  161.509935][  T612] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0023/input/input36
[  161.538263][   T20] usb 5-1: Using ep0 maxpacket: 16
[  161.574181][   T30] audit: type=1326 audit(1718610422.528:1047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5974 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e4957ea9 code=0x7ffc0000
[  161.599542][  T612] keytouch 0003:0926:3333.0023: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  161.622740][   T30] audit: type=1326 audit(1718610422.528:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5974 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7ff1e4957ea9 code=0x7ffc0000
[  161.646735][   T30] audit: type=1326 audit(1718610422.528:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5974 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e4957ea9 code=0x7ffc0000
[  161.670690][   T30] audit: type=1326 audit(1718610422.565:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5974 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1e4957ea9 code=0x7ffc0000
[  161.719846][   T20] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  161.722772][ T5898] UDC core: couldn't find an available UDC or it's busy: -16
[  161.730117][   T20] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  161.737472][ T5898] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  161.745786][   T20] usb 5-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  161.869508][ T2689] attempt to access beyond end of device
[  161.869508][ T2689] loop0: rw=2049, want=45120, limit=40427
[  161.922918][   T20] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  161.932509][   T20] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.940469][   T20] usb 5-1: Product: syz
[  161.944506][   T20] usb 5-1: Manufacturer: syz
[  161.944526][   T20] usb 5-1: SerialNumber: syz
[  161.958834][ T5990] netlink: 'syz-executor.2': attribute type 3 has an invalid length.
[  162.024743][ T6002] loop2: detected capacity change from 0 to 512
[  162.051822][ T6002] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  162.065385][ T6002] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz-executor.2: invalid block
[  162.077699][ T6002] EXT4-fs (loop2): Remounting filesystem read-only
[  162.084077][ T6002] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz-executor.2: invalid indirect mapped block 4294967295 (level 1)
[  162.098301][ T6002] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz-executor.2: invalid indirect mapped block 4294967295 (level 1)
[  162.112635][ T6002] EXT4-fs (loop2): 2 truncates cleaned up
[  162.118190][ T6002] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,dioread_nolock,. Quota mode: writeback.
[  162.153184][ T6002] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1711042110 (109506695040 ns) > initial count (32441559296 ns). Using initial count to start timer.
[  162.171068][   T26] usb 2-1: USB disconnect, device number 24
[  162.246681][ T6009] EXT4-fs (sda1): re-mounted. Opts: (null). Quota mode: none.
[  162.275731][   T20] usb 5-1: 0:2 : does not exist
[  162.282042][   T20] usb 5-1: USB disconnect, device number 21
[  162.297081][  T612] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  162.613715][ T6021] loop3: detected capacity change from 0 to 1024
[  162.640477][ T6021] JBD2: no valid journal superblock found
[  162.646086][ T6021] EXT4-fs (loop3): error loading journal
[  162.713969][  T612] usb 1-1: Using ep0 maxpacket: 16
[  162.885614][ T6041] EXT4-fs (sda1): re-mounted. Opts: (null). Quota mode: none.
[  162.886017][ T6045] loop1: detected capacity change from 0 to 512
[  162.901788][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  162.919366][ T6045] EXT4-fs (loop1): orphan cleanup on readonly fs
[  162.926407][ T6045] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 97: padding at end of block bitmap is not set
[  162.942352][ T6045] Quota error (device loop1): write_blk: dquota write failed
[  162.950178][ T6045] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  162.960833][ T6045] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2925: inode #15: comm syz-executor.1: corrupted xattr block 19
[  162.973437][ T6045] EXT4-fs warning (device loop1): ext4_evict_inode:303: xattr delete (err -117)
[  162.982442][ T6045] EXT4-fs (loop1): 1 orphan inode deleted
[  162.988133][  T380] Quota error (device loop1): remove_tree: Getting block too big (0 >= 6)
[  162.997067][ T6045] EXT4-fs (loop1): mounted filesystem without journal. Opts: noload,,errors=continue. Quota mode: writeback.
[  163.011182][   T30] audit: type=1400 audit(1718610423.874:1051): avc:  denied  { mounton } for  pid=6044 comm="syz-executor.1" path="/root/syzkaller-testdir868775152/syzkaller.NNK7Na/66/file0/file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  163.011197][ T6045] fuse: Bad value for 'fd'
[  163.013368][  T612] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  163.044447][ T6045] syz-executor.1 (6045) used greatest stack depth: 19856 bytes left
[  163.052653][  T612] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.067915][  T612] usb 1-1: Product: syz
[  163.071862][  T612] usb 1-1: Manufacturer: syz
[  163.076301][  T612] usb 1-1: SerialNumber: syz
[  163.081236][  T612] r8152-cfgselector 1-1: config 0 descriptor??
[  163.269886][   T26] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  163.301223][ T6079] loop1: detected capacity change from 0 to 256
[  163.338559][   T30] audit: type=1400 audit(1718610424.174:1052): avc:  denied  { mounton } for  pid=6078 comm="syz-executor.1" path="/root/syzkaller-testdir868775152/syzkaller.NNK7Na/74/file0/bus" dev="loop1" ino=1048685 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[  163.366231][  T612] r8152-cfgselector 1-1: Unknown version 0x0000
[  163.419540][ T6079] loop_set_status: loop1 () has still dirty pages (nrpages=1)
[  163.431679][ T5069] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  163.439232][ T5069] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  163.450056][ T5069] bridge0: port 3(syz_tun) entered disabled state
[  163.457482][ T5069] device syz_tun left promiscuous mode
[  163.463278][ T5069] bridge0: port 3(syz_tun) entered disabled state
[  163.526445][   T26] usb 4-1: Using ep0 maxpacket: 16
[  163.601345][  T612] r8152-cfgselector 1-1: Unknown version 0x0000
[  163.607575][  T612] r8152-cfgselector 1-1: bad CDC descriptors
[  163.633459][  T612] r8152-cfgselector 1-1: Unknown version 0x0000
[  163.645065][  T612] r8152-cfgselector 1-1: USB disconnect, device number 18
[  163.654752][   T26] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  163.654785][ T6083] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.665348][   T26] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  163.671632][ T6083] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.680237][   T26] usb 4-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  163.687731][ T6083] device bridge_slave_0 entered promiscuous mode
[  163.702768][ T6083] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.709736][ T6083] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.716777][ T6083] device bridge_slave_1 entered promiscuous mode
[  163.761211][ T6083] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.768047][ T6083] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.775163][ T6083] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.781922][ T6083] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.804645][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  163.812041][  T300] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.819675][  T300] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.837664][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  163.845915][  T300] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.852749][  T300] bridge0: port 1(bridge_slave_0) entered forwarding state
[  163.860120][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  163.868061][  T300] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.874939][  T300] bridge0: port 2(bridge_slave_1) entered forwarding state
[  163.882121][   T26] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  163.891759][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  163.899303][   T26] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.907678][  T300] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  163.915553][   T26] usb 4-1: Product: syz
[  163.921416][   T26] usb 4-1: Manufacturer: syz
[  163.925889][   T26] usb 4-1: SerialNumber: syz
[  163.928577][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  163.947244][ T6083] device veth0_vlan entered promiscuous mode
[  163.954471][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  163.970809][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  163.978952][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  163.991201][ T6083] device veth1_macvtap entered promiscuous mode
[  163.999118][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  164.007008][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  164.015183][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  164.027557][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  164.035607][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  164.046074][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  164.312286][   T30] audit: type=1400 audit(1718610425.091:1053): avc:  denied  { call } for  pid=6099 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  164.316284][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  164.392455][   T26] usb 4-1: 0:2 : does not exist
[  164.398370][    T8] device bridge_slave_1 left promiscuous mode
[  164.400473][   T26] usb 4-1: USB disconnect, device number 18
[  164.406829][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.434506][    T8] device bridge_slave_0 left promiscuous mode
[  164.441088][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.460920][    T8] device veth1_macvtap left promiscuous mode
[  164.470936][    T8] device veth0_vlan left promiscuous mode
[  164.629031][ T6128] netlink: 'syz-executor.0': attribute type 17 has an invalid length.
[  164.637060][ T6128] netlink: 'syz-executor.0': attribute type 15 has an invalid length.
[  164.806437][ T6144] loop3: detected capacity change from 0 to 512
[  164.863579][ T6144] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  164.904028][ T6144] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz-executor.3: invalid block
[  164.930559][ T6144] EXT4-fs (loop3): Remounting filesystem read-only
[  164.941222][ T6144] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 4294967295 (level 1)
[  164.973091][ T6144] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 4294967295 (level 1)
[  164.991492][ T6144] EXT4-fs (loop3): 2 truncates cleaned up
[  164.997155][ T6144] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,dioread_nolock,. Quota mode: writeback.
[  165.052482][ T6144] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1711042110 (109506695040 ns) > initial count (32441559296 ns). Using initial count to start timer.
[  165.487743][ T6182] loop0: detected capacity change from 0 to 1024
[  165.515933][ T6182] JBD2: no valid journal superblock found
[  165.525749][ T6182] EXT4-fs (loop0): error loading journal
[  165.600435][    T6] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  165.827906][ T6226] bridge: RTM_NEWNEIGH with invalid ether address
[  165.829656][ T6224] loop2: detected capacity change from 0 to 1024
[  165.890999][ T6224] JBD2: no valid journal superblock found
[  165.898302][ T6224] EXT4-fs (loop2): error loading journal
[  166.049513][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  166.066708][    T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  166.090027][    T6] usb 4-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[  166.113296][    T6] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.141866][    T6] usb 4-1: config 0 descriptor??
[  166.180475][ T6240] loop2: detected capacity change from 0 to 512
[  166.245192][ T6240] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  166.272144][ T6240] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz-executor.2: invalid block
[  166.284779][ T6240] EXT4-fs (loop2): Remounting filesystem read-only
[  166.292997][ T6240] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz-executor.2: invalid indirect mapped block 4294967295 (level 1)
[  166.313065][ T6240] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz-executor.2: invalid indirect mapped block 4294967295 (level 1)
[  166.423003][ T6240] EXT4-fs (loop2): 2 truncates cleaned up
[  166.455764][ T6240] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,dioread_nolock,. Quota mode: writeback.
[  166.500811][ T6254] loop1: detected capacity change from 0 to 512
[  166.517171][ T6240] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1711042110 (109506695040 ns) > initial count (32441559296 ns). Using initial count to start timer.
[  166.538858][ T6254] EXT4-fs (loop1): orphan cleanup on readonly fs
[  166.545797][ T6254] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 97: padding at end of block bitmap is not set
[  166.560920][ T6254] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2925: inode #15: comm syz-executor.1: corrupted xattr block 19
[  166.573549][ T6254] EXT4-fs warning (device loop1): ext4_evict_inode:303: xattr delete (err -117)
[  166.582739][ T6254] EXT4-fs (loop1): 1 orphan inode deleted
[  166.615013][ T6254] EXT4-fs (loop1): mounted filesystem without journal. Opts: noload,,errors=continue. Quota mode: writeback.
[  166.637224][ T6254] fuse: Bad value for 'fd'
[  166.664096][ T6268] loop4: detected capacity change from 0 to 1024
[  166.689262][    T6] hid-multitouch 0003:0EEF:72D0.0024: hidraw0: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.3-1/input0
[  166.713327][ T6268] JBD2: no valid journal superblock found
[  166.719071][ T6268] EXT4-fs (loop4): error loading journal
[  166.741438][ T6280] loop2: detected capacity change from 0 to 512
[  166.774633][ T6288] loop1: detected capacity change from 0 to 512
[  166.777090][ T6280] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  166.794203][ T6280] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz-executor.2: invalid block
[  166.808211][ T6280] EXT4-fs (loop2): Remounting filesystem read-only
[  166.814773][ T6280] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz-executor.2: invalid indirect mapped block 4294967295 (level 1)
[  166.818014][ T6288] EXT4-fs (loop1): orphan cleanup on readonly fs
[  166.835089][ T6280] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz-executor.2: invalid indirect mapped block 4294967295 (level 1)
[  166.837333][ T6288] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz-executor.1: bg 0: block 97: padding at end of block bitmap is not set
[  166.859072][ T6280] EXT4-fs (loop2): 2 truncates cleaned up
[  166.865827][ T6288] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2925: inode #15: comm syz-executor.1: corrupted xattr block 19
[  166.869315][ T6280] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,dioread_nolock,. Quota mode: writeback.
[  166.881515][ T6288] EXT4-fs warning (device loop1): ext4_evict_inode:303: xattr delete (err -117)
[  166.904828][    T6] usb 4-1: USB disconnect, device number 19
[  166.911154][ T6288] EXT4-fs (loop1): 1 orphan inode deleted
[  166.917224][ T6288] EXT4-fs (loop1): mounted filesystem without journal. Opts: noload,,errors=continue. Quota mode: writeback.
[  166.937995][ T6280] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1711042110 (109506695040 ns) > initial count (32441559296 ns). Using initial count to start timer.
[  166.939763][ T6288] fuse: Bad value for 'fd'
[  167.085916][ T6320] loop1: detected capacity change from 0 to 512
[  167.119704][ T6320] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  167.133339][ T6320] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz-executor.1: invalid block
[  167.145748][ T6320] EXT4-fs (loop1): Remounting filesystem read-only
[  167.152293][  T612] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  167.155015][ T6326] netlink: 'syz-executor.2': attribute type 17 has an invalid length.
[  167.159996][ T6320] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz-executor.1: invalid indirect mapped block 4294967295 (level 1)
[  167.167737][ T6326] netlink: 'syz-executor.2': attribute type 15 has an invalid length.
[  167.190389][ T6320] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz-executor.1: invalid indirect mapped block 4294967295 (level 1)
[  167.205083][ T6320] EXT4-fs (loop1): 2 truncates cleaned up
[  167.210705][ T6320] EXT4-fs (loop1): mounted filesystem without journal. Opts: noauto_da_alloc,errors=remount-ro,dioread_nolock,. Quota mode: writeback.
[  167.251044][ T6320] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1711042110 (109506695040 ns) > initial count (32441559296 ns). Using initial count to start timer.
[  167.567591][  T612] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.584061][  T612] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.598716][ T6354] device pim6reg1 entered promiscuous mode
[  167.604031][  T612] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  167.616535][  T612] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.625884][  T612] usb 5-1: config 0 descriptor??
[  168.366977][ T6389] device pim6reg1 entered promiscuous mode
[  168.434150][  T612] hid-multitouch 0003:1FD2:6007.0025: unknown main item tag 0x0
[  168.442133][  T612] hid-multitouch 0003:1FD2:6007.0025: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.4-1/input0
[  168.461001][ T6393] device syzkaller0 entered promiscuous mode
[  169.416812][   T20] usb 5-1: USB disconnect, device number 22
[  169.448251][ T6412] device pim6reg1 entered promiscuous mode
[  169.482567][ T6418] device pim6reg1 entered promiscuous mode
[  169.542112][ T6422] device syzkaller0 entered promiscuous mode
[  170.010710][ T6457] Invalid ELF header type: 0 != 1
[  170.036039][ T6460] loop4: detected capacity change from 0 to 256
[  170.173490][ T6469] loop2: detected capacity change from 0 to 16
[  170.208907][ T6469] erofs: (device loop2): mounted with root inode @ nid 36.
[  170.218347][   T48] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[9000]
[  170.256641][ T6469] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[  170.392061][ T6483] Invalid ELF header type: 0 != 1
[  170.498151][ T6494] binder_alloc: 6490: binder_alloc_buf failed to map page at 20ffc000 in userspace
[  170.592967][  T300] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  170.647784][ T6498] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  170.978041][  T300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  171.024889][  T300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  171.044943][  T300] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  171.055647][  T300] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.068451][  T300] usb 2-1: config 0 descriptor??
[  171.275965][ T6507] loop2: detected capacity change from 0 to 512
[  171.288501][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  171.288551][   T30] audit: type=1326 audit(1718610431.620:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  171.319236][   T30] audit: type=1326 audit(1718610431.620:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  171.352128][ T6507] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (3832!=33349)
[  171.371807][   T30] audit: type=1326 audit(1718610431.638:1058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  171.381783][ T6507] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  171.450171][ T6507] System zones: 1-12
[  171.460200][   T30] audit: type=1326 audit(1718610431.638:1059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  171.469490][ T6507] EXT4-fs (loop2): orphan cleanup on readonly fs
[  171.484533][   T30] audit: type=1326 audit(1718610431.685:1060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  171.513967][   T30] audit: type=1326 audit(1718610431.685:1061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  171.522009][ T6507] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz-executor.2: Inode bitmap for bg 0 marked uninitialized
[  171.537866][   T30] audit: type=1326 audit(1718610431.685:1062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  171.574378][   T30] audit: type=1326 audit(1718610431.685:1063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  171.598669][   T30] audit: type=1326 audit(1718610431.685:1064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  171.623358][ T6507] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  171.634578][   T30] audit: type=1326 audit(1718610431.685:1065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6508 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61c2821ea9 code=0x7ffc0000
[  171.665045][  T300] hid-multitouch 0003:1FD2:6007.0026: unknown main item tag 0x0
[  171.690743][  T300] hid-multitouch 0003:1FD2:6007.0026: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.1-1/input0
[  171.876603][  T300] usb 2-1: USB disconnect, device number 25
[  172.570758][  T613] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  172.689542][ T6601] binder_alloc: 6599: binder_alloc_buf failed to map page at 20ffc000 in userspace
[  172.775544][ T6609] loop2: detected capacity change from 0 to 512
[  172.819447][ T6609] EXT4-fs (loop2): bad s_want_extra_isize: 11962
[  172.988698][  T613] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.005535][  T613] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.020484][  T613] usb 5-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[  173.029530][  T613] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.039854][  T613] usb 5-1: config 0 descriptor??
[  173.066239][ T6615] syz-executor.0[6615] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  173.066578][ T6615] syz-executor.0[6615] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  173.081518][ T6615] netlink: 25 bytes leftover after parsing attributes in process `syz-executor.0'.
[  173.129759][ T6615] device gretap0 entered promiscuous mode
[  173.139042][ T6616] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'.
[  173.148456][ T6616] 0ªX¹¦Dö»: renamed from gretap0
[  173.156338][ T6616] device 
00ªX¹¦Dö» left promiscuous mode
[  173.223549][ T6618] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  173.287312][  T612] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  173.597899][  T613] dragonrise 0003:0079:0006.0027: unknown main item tag 0x0
[  173.605176][  T613] dragonrise 0003:0079:0006.0027: unknown main item tag 0x0
[  173.612363][  T613] dragonrise 0003:0079:0006.0027: unknown main item tag 0x0
[  173.619703][  T613] dragonrise 0003:0079:0006.0027: unknown main item tag 0x0
[  173.626876][  T613] dragonrise 0003:0079:0006.0027: unknown main item tag 0x0
[  173.634790][  T613] dragonrise 0003:0079:0006.0027: hidraw0: USB HID v0.00 Device [HID 0079:0006] on usb-dummy_hcd.4-1/input0
[  173.646221][  T613] dragonrise 0003:0079:0006.0027: no inputs found
[  173.652718][  T613] dragonrise 0003:0079:0006.0027: force feedback init failed
[  173.736011][  T612] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.747022][  T612] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.756895][  T612] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  173.766428][  T612] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.823419][  T612] usb 3-1: config 0 descriptor??
[  173.943861][  T613] usb 5-1: USB disconnect, device number 23
[  173.966911][ T6638] loop3: detected capacity change from 0 to 512
[  174.014717][ T6638] EXT4-fs (loop3): bad s_want_extra_isize: 11962
[  174.031878][ T6642] syz-executor.0[6642] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  174.031926][ T6642] syz-executor.0[6642] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  174.046269][ T6642] netlink: 25 bytes leftover after parsing attributes in process `syz-executor.0'.
[  174.066911][ T6642] device 
00ªX¹¦Dö» entered promiscuous mode
[  174.074640][ T6642] netlink: 5 bytes leftover after parsing attributes in process `syz-executor.0'.
[  174.083850][ T6642] 1ªX¹¦Dö»: renamed from 
00ªX¹¦Dö»
[  174.089712][ T6642] device 
01ªX¹¦Dö» left promiscuous mode
[  174.378203][  T612] hid-multitouch 0003:1FD2:6007.0028: unknown main item tag 0x0
[  174.386283][  T612] hid-multitouch 0003:1FD2:6007.0028: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0
[  174.473643][   T39] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  174.537138][ T6660] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  174.570828][ T6665] loop1: detected capacity change from 0 to 256
[  174.596027][  T612] usb 3-1: USB disconnect, device number 21
[  174.610458][ T6665] FAT-fs (loop1): Directory bread(block 64) failed
[  174.617195][ T6665] FAT-fs (loop1): Directory bread(block 65) failed
[  174.623566][ T6665] FAT-fs (loop1): Directory bread(block 66) failed
[  174.629863][ T6665] FAT-fs (loop1): Directory bread(block 67) failed
[  174.636325][ T6665] FAT-fs (loop1): Directory bread(block 68) failed
[  174.642646][ T6665] FAT-fs (loop1): Directory bread(block 69) failed
[  174.649017][ T6665] FAT-fs (loop1): Directory bread(block 70) failed
[  174.655407][ T6665] FAT-fs (loop1): Directory bread(block 71) failed
[  174.661674][ T6665] FAT-fs (loop1): Directory bread(block 72) failed
[  174.668011][ T6665] FAT-fs (loop1): Directory bread(block 73) failed
[  174.860229][ T6684] netem: change failed
[  174.890606][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  174.901320][   T39] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  174.910819][   T39] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  174.919697][   T39] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.928022][   T39] usb 4-1: config 0 descriptor??
[  175.093730][ T6515] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  175.147162][  T612] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  175.575013][ T6515] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.585759][ T6515] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  175.595268][ T6515] usb 2-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[  175.604174][  T612] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.614801][ T6515] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.622610][  T612] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  175.635581][  T612] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  175.644607][ T6515] usb 2-1: config 0 descriptor??
[  175.649432][  T612] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.657877][  T612] usb 5-1: config 0 descriptor??
[  175.991750][   T39] usb 4-1: string descriptor 0 read error: -71
[  176.013243][   T39] uclogic 0003:256C:006D.0029: failed retrieving string descriptor #200: -71
[  176.021938][   T39] uclogic 0003:256C:006D.0029: failed retrieving pen parameters: -71
[  176.029843][   T39] uclogic 0003:256C:006D.0029: failed probing pen v2 parameters: -71
[  176.047005][   T39] uclogic 0003:256C:006D.0029: failed probing parameters: -71
[  176.054299][   T39] uclogic: probe of 0003:256C:006D.0029 failed with error -71
[  176.087603][   T39] usb 4-1: USB disconnect, device number 20
[  176.108740][ T6695] Bluetooth: hci0: sending frame failed (-49)
[  176.153664][ T6515] hid-multitouch 0003:0EEF:72D0.002A: hidraw0: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.1-1/input0
[  176.368962][   T39] usb 2-1: USB disconnect, device number 26
[  177.303253][ T6719] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.310198][ T6719] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.317412][ T6719] device bridge_slave_0 entered promiscuous mode
[  177.324077][ T6719] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.330995][ T6719] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.338091][ T6719] device bridge_slave_1 entered promiscuous mode
[  177.388862][ T6719] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.395717][ T6719] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.402787][ T6719] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.409596][ T6719] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.432172][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  177.439824][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.446978][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.457673][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  177.465781][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[  177.472615][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[  177.489445][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  177.497420][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[  177.504255][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[  177.511462][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  177.519163][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  177.533798][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  177.549475][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  177.557706][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  177.565085][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  177.573240][ T6719] device veth0_vlan entered promiscuous mode
[  177.588902][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  177.598794][ T6719] device veth1_macvtap entered promiscuous mode
[  177.613026][  T873] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  177.623011][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  177.655149][ T6726] device syzkaller0 entered promiscuous mode
[  177.731953][ T6735] incfs_lookup_dentry err:-13
[  177.738218][ T6735] binder: BINDER_SET_CONTEXT_MGR already set
[  177.744042][ T6735] binder: 6734:6735 ioctl 40046207 0 returned -16
[  177.778061][   T45] device bridge_slave_1 left promiscuous mode
[  177.784014][   T45] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.791996][   T45] device bridge_slave_0 left promiscuous mode
[  177.797929][   T45] bridge0: port 1(bridge_slave_0) entered disabled state
[  177.805902][   T45] device veth1_macvtap left promiscuous mode
[  177.811829][   T45] device veth0_vlan left promiscuous mode
[  177.908169][ T6743] loop1: detected capacity change from 0 to 1024
[  177.950194][ T6743] EXT4-fs (loop1): Ignoring removed orlov option
[  177.956341][ T6743] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  177.971041][ T6743] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  177.996712][   T30] kauditd_printk_skb: 59 callbacks suppressed
[  177.996725][   T30] audit: type=1400 audit(1718610437.887:1125): avc:  denied  { map } for  pid=6742 comm="syz-executor.1" path="/root/syzkaller-testdir2044784594/syzkaller.SClLMs/4/file1/file0/bus" dev="devtmpfs" ino=113 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  178.014511][ T6743] EXT4-fs error (device loop1): get_max_inline_xattr_value_size:69: inode #12: comm syz-executor.1: corrupt xattr in inline inode
[  178.044912][   T20] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  178.045216][ T6743] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2213: inode #12: comm syz-executor.1: corrupted in-inode xattr
[  178.074505][   T30] audit: type=1400 audit(1718610437.962:1126): avc:  denied  { unlink } for  pid=6719 comm="syz-executor.1" name="file1" dev="loop1" ino=14 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=lnk_file permissive=1
[  178.098078][ T6719] ==================================================================
[  178.105949][ T6719] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xcd0/0xce0
[  178.113759][ T6719] Read of size 4 at addr ffff88812ef44000 by task syz-executor.1/6719
[  178.121744][ T6719] 
[  178.123915][ T6719] CPU: 1 PID: 6719 Comm: syz-executor.1 Not tainted 5.15.149-syzkaller-00165-g85445b5a2107 #0
[  178.133981][ T6719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  178.143885][ T6719] Call Trace:
[  178.147003][ T6719]  <TASK>
[  178.149781][ T6719]  dump_stack_lvl+0x151/0x1b7
[  178.154294][ T6719]  ? io_uring_drop_tctx_refs+0x190/0x190
[  178.159759][ T6719]  ? panic+0x751/0x751
[  178.163667][ T6719]  print_address_description+0x87/0x3b0
[  178.169047][ T6719]  kasan_report+0x179/0x1c0
[  178.173387][ T6719]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  178.178852][ T6719]  ? ext4_xattr_delete_inode+0xcd0/0xce0
[  178.184322][ T6719]  __asan_report_load4_noabort+0x14/0x20
[  178.189791][ T6719]  ext4_xattr_delete_inode+0xcd0/0xce0
[  178.195088][ T6719]  ? sb_end_intwrite+0x120/0x120
[  178.199858][ T6719]  ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0
[  178.205764][ T6719]  ? ext4_journal_check_start+0x16c/0x230
[  178.211316][ T6719]  ? __kasan_check_read+0x11/0x20
[  178.216173][ T6719]  ? ext4_inode_is_fast_symlink+0x295/0x3d0
[  178.221931][ T6719]  ? ext4_evict_inode+0xb8d/0x14e0
[  178.226849][ T6719]  ext4_evict_inode+0xea1/0x14e0
[  178.231627][ T6719]  ? _raw_spin_unlock+0x4d/0x70
[  178.236312][ T6719]  ? ext4_inode_is_fast_symlink+0x3d0/0x3d0
[  178.242037][ T6719]  ? _raw_spin_unlock+0x4d/0x70
[  178.246725][ T6719]  ? inode_io_list_del+0x18b/0x1a0
[  178.251672][ T6719]  ? ext4_inode_is_fast_symlink+0x3d0/0x3d0
[  178.257406][ T6719]  evict+0x2a3/0x630
[  178.261137][ T6719]  iput+0x63b/0x7e0
[  178.264781][ T6719]  vfs_rmdir+0x359/0x470
[  178.268857][ T6719]  do_rmdir+0x3ab/0x630
[  178.272850][ T6719]  ? d_delete_notify+0x160/0x160
[  178.277634][ T6719]  __x64_sys_unlinkat+0xdf/0xf0
[  178.282310][ T6719]  do_syscall_64+0x3d/0xb0
[  178.286563][ T6719]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  178.292299][ T6719] RIP: 0033:0x7f70804b2687
[  178.296547][ T6719] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  178.315985][ T6719] RSP: 002b:00007ffdf046f048 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  178.324242][ T6719] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f70804b2687
[  178.332045][ T6719] RDX: 0000000000000200 RSI: 00007ffdf04701f0 RDI: 00000000ffffff9c
[  178.339854][ T6719] RBP: 00007f708050f636 R08: 0000000000000000 R09: 0000000000000000
[  178.347665][ T6719] R10: 0000000000000100 R11: 0000000000000207 R12: 00007ffdf04701f0
[  178.355475][ T6719] R13: 00007f708050f636 R14: 0000000000029c29 R15: 0000000000000007
[  178.363309][ T6719]  </TASK>
[  178.366154][ T6719] 
[  178.368323][ T6719] The buggy address belongs to the page:
[  178.373796][ T6719] page:ffffea0004bbd100 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x12ef44
[  178.383860][ T6719] flags: 0x4000000000000000(zone=1)
[  178.388897][ T6719] raw: 4000000000000000 ffffea0004927a08 ffffea0004b21e48 0000000000000000
[  178.397319][ T6719] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000
[  178.405729][ T6719] page dumped because: kasan: bad access detected
[  178.411980][ T6719] page_owner tracks the page as freed
[  178.417188][ T6719] page last allocated via order 0, migratetype Movable, gfp_mask 0x100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), pid 6709, ts 176735335311, free_ts 177568434063
[  178.432639][ T6719]  post_alloc_hook+0x1a3/0x1b0
[  178.437236][ T6719]  prep_new_page+0x1b/0x110
[  178.441579][ T6719]  get_page_from_freelist+0x3550/0x35d0
[  178.446957][ T6719]  __alloc_pages+0x27e/0x8f0
[  178.451379][ T6719]  wp_page_copy+0x1d4/0x1b00
[  178.455809][ T6719]  do_wp_page+0x6fa/0xb60
[  178.459971][ T6719]  handle_pte_fault+0x7c0/0x24d0
[  178.464747][ T6719]  do_handle_mm_fault+0x1ea9/0x23a0
[  178.469782][ T6719]  exc_page_fault+0x3b5/0x830
[  178.474293][ T6719]  asm_exc_page_fault+0x27/0x30
[  178.478979][ T6719] page last free stack trace:
[  178.483492][ T6719]  free_unref_page_prepare+0x7c8/0x7d0
[  178.488789][ T6719]  free_unref_page_list+0x14b/0xa60
[  178.493820][ T6719]  release_pages+0x1310/0x1370
[  178.498423][ T6719]  free_pages_and_swap_cache+0x8a/0xa0
[  178.503724][ T6719]  tlb_flush_mmu+0xd0/0x180
[  178.508058][ T6719]  unmap_page_range+0x1c70/0x1ed0
[  178.512916][ T6719]  unmap_vmas+0x389/0x560
[  178.517081][ T6719]  exit_mmap+0x3e4/0x940
[  178.521160][ T6719]  __mmput+0x95/0x310
[  178.524980][ T6719]  mmput+0x5b/0x170
[  178.528627][ T6719]  do_exit+0xb9c/0x2ca0
[  178.532616][ T6719]  do_group_exit+0x141/0x310
[  178.537045][ T6719]  __x64_sys_exit_group+0x3f/0x40
[  178.541906][ T6719]  do_syscall_64+0x3d/0xb0
[  178.546159][ T6719]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  178.551886][ T6719] 
[  178.554053][ T6719] Memory state around the buggy address:
[  178.559527][ T6719]  ffff88812ef43f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  178.567429][ T6719]  ffff88812ef43f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  178.575323][ T6719] >ffff88812ef44000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  178.583219][ T6719]                    ^
[  178.587126][ T6719]  ffff88812ef44080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  178.595023][ T6719]  ffff88812ef44100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
2024/06/17 07:47:18 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  178.602919][ T6719] ==================================================================
[  178.610818][ T6719] Disabling lock debugging due to kernel taint
[  178.618075][   T39] Bluetooth: hci0: command 0x1003 tx timeout
[  178.651284][ T6695] Bluetooth: hci0: sending frame failed (-49)
[  178.664530][  T612] usbhid 5-1:0.0: can't add hid device: -71
[  178.670275][  T612] usbhid: probe of 5-1:0.0 failed with error -71
[  178.677215][ T5020] bridge0: port 3(syz_tun) entered disabled state
[  178.687457][  T612] usb 5-1: USB disconnect, device number 24
[  178.698661][ T5020] device syz_tun left promiscuous mode
[  178.703957][ T5020] bridge0: port 3(syz_tun) entered disabled state